Understanding Malware on the Internet

April 6, 2011
John John | University of Washington

Botnets are responsible for many of the malicious activities on the Internet, such as spam, distributed denial-of-service attacks, and click fraud. A thorough understanding of botnets is necessary to effectively combat this growing threat. However, there is a dearth of information about botnet structure and behavior, partly because of a lack of monitoring infrastructure, and partly because of the use of increasingly sophisticated techniques by botnets to evade detection.

In this talk, I describe the design and implementation of a comprehensive botnet-monitoring platform that can provide detailed information regarding botnets and their activities in a timely fashion, with minimal human interaction. We have used this system to track botnet-related activities and to monitor the propagation of bots and the techniques used to infect new hosts. I will also discuss how the information gathered from this deployment can enable the development of defenses against botnets at every stage in their life-cycle.

Speaker Details

John is a Ph.D. student at the University of Washington. Previously, he received his M.S. from UW and B.Tech from IIT-Madras in 2005. His primary research interests are in security and networking, but has also worked on distributed systems, network measurements, and wireless networks.