
Botnet Reverse Engineering and Call Sequence Recovery



Sinha, Prosenjit (2011) Botnet Reverse Engineering and Call Sequence Recovery. Masters thesis, Concordia University.

Text (application/pdf)
Sinha_MCompSc_S2012.pdf - Accepted Version


The focus on computer security has increased due to the ubiquitous use of the Internet. Criminals abuse the anonymous and insidious traits of the Internet to commit monetary online fraud, theft and extortion. Botnets are the prominent vehicle for committing online crimes. They provide a platform for a botmaster to control a large group of infected Internet-connected computers. The botmaster exploits this large group of connected computers to send spam, commit click fraud, install adware/spyware, flood specific networks from distributed locations, host phishing sites and steal personal credentials. All these activities pose a serious threat to individuals and organizations. Furthermore, the situation demands more attention since the research and development of the underground criminal industry is faster than that of the security research industry. To cope with the ever-growing botnet threats, security researchers as well as Internet users need cognizance of the recent trends and techniques of botnets. In this thesis, we analyze in depth, by reverse engineering, two prominent botnets, namely Mariposa and Zeus. The findings of the analysis may foster the knowledge of security researchers in multiple dimensions to deal with the botnet issue. To enhance the abstraction and visualization techniques of reverse engineering, we develop a tool which is used for a detailed outlook of call sequences.

Divisions: Concordia University > Gina Cody School of Engineering and Computer Science > Computer Science and Software Engineering
Item Type: Thesis (Masters)
Authors: Sinha, Prosenjit
Institution: Concordia University
Degree Name: M. Comp. Sc.
Program: Computer Science
Date: 17 February 2011
Thesis Supervisor(s): Debbabi, Mourad
ID Code: 7083
Deposited On: 20 Jun 2012 13:07
Last Modified: 18 Jan 2018 17:30
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.
