Browse by author
Lookup NU author(s): Dr Taha Ali, Patrick Mccorry, Dr Peter Lee, Professor Feng Hao
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0).
© 2017 Springer-Verlag Berlin Heidelberg Botnets are the preeminent source of online crime and arguably one of the greatest threats to the Internet infrastructure. In this paper, we present ZombieCoin, a botnet command-and-control (C&C) mechanism that leverages the Bitcoin network. ZombieCoin offers considerable advantages over existing C&C techniques, most notably the fact that Bitcoin is designed to resist the very same takedown campaigns and regulatory processes that are the most often-used methods to combat botnets today. Furthermore, we describe how the Bitcoin network enables novel C&C techniques, which dramatically expand the scope of this threat, including the possibilities of flexible rendezvous scheduling, efficient botnet partitioning, and fine-grained control over bots. We validate our claims by implementing ZombieCoin bots which we then deploy and successfully control over the Bitcoin network. Our findings lead us to believe that Bitcoin-based C&C mechanisms are a highly desirable option that botmasters will pursue in the near future. We hope our study provides a useful first step towards devising effective countermeasures for this threat.
Author(s): Ali ST, McCorry P, Lee PH-J, Hao F
Publication type: Article
Publication status: Published
Journal: International Journal of Information Security
Year: 2018
Volume: 17
Issue: 4
Pages: 411-422
Print publication date: 01/08/2018
Online publication date: 01/06/2017
Acceptance date: 02/04/2016
Date deposited: 22/08/2017
ISSN (print): 1615-5262
ISSN (electronic): 1615-5270
Publisher: Springer Verlag
URL: https://doi.org/10.1007/s10207-017-0379-8
DOI: 10.1007/s10207-017-0379-8
Altmetrics provided by Altmetric