Show simple item record

dc.contributor.author | Lee, Christopher Patrick | en_US
dc.date.accessioned | 2009-06-08T19:22:00Z
dc.date.available | 2009-06-08T19:22:00Z
dc.date.issued | 2009-03-12 | en_US
dc.identifier.uri | http://hdl.handle.net/1853/28191
dc.description.abstract | Criminals use the anonymity and pervasiveness of the Internet to commit fraud, extortion, and theft. Botnets are used as the primary tool for this criminal activity. Botnets allow criminals to accumulate and covertly control multiple Internet-connected computers. They use this network of controlled computers to flood networks with traffic from multiple sources, send spam, spread infection, spy on users, commit click fraud, run adware, and host phishing sites. This presents serious privacy risks and financial burdens to businesses and individuals. Furthermore, all indicators show that the problem is worsening because the research and development cycle of the criminal industry is faster than that of security research. To enable researchers to measure botnet connection models and counter-measures, a flexible, rapidly augmentable framework for creating test botnets is provided. This botnet framework, written in the Ruby language, enables researchers to run a botnet on a closed network and to rapidly implement new communication, spreading, control, and attack mechanisms for study. This is a significant improvement over augmenting C++ code-bases for the most popular botnets, Agobot and SDBot. Rubot allows researchers to implement new threats and their corresponding defenses before the criminal industry can. The Rubot experiment framework includes models for some of the latest trends in botnet operation such as peer-to-peer based control, fast-flux DNS, and periodic updates. Our approach implements the key network features from existing botnets and provides the required infrastructure to run the botnet in a closed environment. | en_US
dc.publisher | Georgia Institute of Technology | en_US
dc.subject | Simulation | en_US
dc.subject | Simulators | en_US
dc.subject | Emulation | en_US
dc.subject | Spam | en_US
dc.subject | DDoS | en_US
dc.subject | Information security | en_US
dc.subject | Botnets | en_US
dc.subject | Network security | en_US
dc.subject.lcsh | Computer networks Security measures
dc.subject.lcsh | Computer crimes
dc.title | Framework for botnet emulation and analysis | en_US
dc.type | Dissertation | en_US
dc.description.degree | Ph.D. | en_US
dc.contributor.department | Electrical and Computer Engineering | en_US
dc.description.advisor | Committee Chair: Copeland, John; Committee Member: Durgin, Gregory; Committee Member: Goodman, Seymour; Committee Member: Owen, Henry; Committee Member: Riley, George | en_US

