Botnets have historically used centralized architectures for their command and control systems. While the deployment and logical construction of these systems are simple and efficient, a critical weak point exists in the central server used to coordinate messages and route traffic. Recently, the introduction of decentralized architectures with peer-to-peer (P2P) routing has provided malware authors with increased resilience and location obfuscation for command distribution points. To date, botnets with these topologies have been difficult for defenders to accurately enumerate and effectively remediate. In this chapter, we describe the architectures, capabilities, functional behaviors, and current mitigation efforts for the Nugache, Storm, and Mayday botnets. © 2009 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Kang, B. B. H., & Nunnery, C. (2009). Decentralized peer-to-peer botnet architectures. Studies in Computational Intelligence, 251, 251–264. https://doi.org/10.1007/978-3-642-04141-9_12