Botnets Architectures, Countermeasures, and Challenges Series in Security, Privacy and Trust Series

This book provides solid, state-of-the-art contributions from both scientists and practitioners working on botnet detection and analysis, including botnet economics. It presents original theoretical and empirical chapters dealing with both offensive and defensive aspects in this field. Chapters address fundamental theory, current trends and techniques for evading detection, as well as practical experiences concerning detection and defensive strategies for the botnet ecosystem, and include surveys, simulations, practical results, and case studies.

Contents

Preface .......................................................................................................... vii

About the Editors ...........................................................................................ix

Contributors...................................................................................................xi

1 Botnet Architectures: A State-of-the-Art Review.................................... 1

BASHEER AL-DUWAIR AND MOATH JARRAH

2 IoT Botnets: The Journey So Far and the Road Ahead........................ 33

PASCAL GEENENS

3 IoT Botnet Traits and Techniques: A View of the State of the Art .... 101

PASCAL GEENENS

4 Advanced Information Hiding Techniques for Modern Botnets ....... 165

LUCA CAVIGLIONE, WOJCIECH MAZURCZYK, AND STEFFEN

WENDZEL

5 Steganography Techniques for Command and Control

(C2) Channels.................................................................................... 189

JEDRZEJ BIENIASZ AND KRZYSZTOF SZCZYPIORSKI

6 Blockchain-Based Botnets for Command-and-Control Resilience .... 217

WEIZHI WANG AND XIAOBO MA

7 Detecting Botnets and Unknown Network Attacks in

Big Traffic Data ................................................................................. 237

LUIS SACRAMENTO, IBÉRIA MEDEIROS, JOÃO BOTA, AND MIGUEL

CORREIA

8 Domain Generation Algorithm Detection Techniques through

Network Analysis and Machine Learning .......................................... 269

FEDERICA BISIO, SALVATORE SAELI, AND DANILO MASSA

9 Identifying IoT-Based Botnets: A Microservice Architecture for

IoT Management and Security........................................................... 293

THARUN KAMMARA AND MELODY MOH

10 Understanding and Detecting Social Botnet.......................................327

YUEDE JI AND QIANG LI

11 Use of Botnets for Mining Cryptocurrencies ......................................359

RENITA MURIMI

12 Time to Diverge the Botnet Revenues from Criminal Wallet?............387

GIOVANNI BOTTAZZI, GIANLUIGI ME, PIERLUIGI PERRONE, AND

GIUSEPPE GIULIO RUTIGLIANO

Index............................................................................................................403

Dr. Marios Anagnostopoulos received his Ph.D. degree in information and

communication systems engineering from the Department of Information and

Communication Systems Engineering, University of the Aegean, Greece, in 2016.

The title of his doctoral thesis was “DNS as a multipurpose attack vector.”

Currently, he is Post-Doctoral Research Fellow in the Norwegian University of

Science and Technology (NTNU). Prior to joining NTNU, he worked as Post-

Doctoral Research Fellow in the Singapore University of Technology and Design

(SUTD). His research interests are in the fields of network security and privacy,

mobile and wireless networks security, cyber-physical security, and blockchain in

security and privacy.

Dr. Georgios Kambourakis received the Ph.D. degree in information and communication

systems engineering from the Department of Information and Communications

Systems Engineering, University of the Aegean, Greece, where he is

currently an associate professor, and the head of the department. His research

interests are in the fields of mobile and wireless networks security and privacy. He

has over 120 refereed publications in the aforementioned fields of study. For more

information, please visit http://www.icsd.aegean.gr/gkamb.

Dr. Weizhi Meng is currently an assistant professor in the Cyber Security Section,

Department of Applied Mathematics and Computer Science, Technical University

of Denmark (DTU), Denmark. He received his Ph.D. degree in computer science

from the City University of Hong Kong (CityU), China. Prior to joining DTU, he

worked as a research scientist in Institute for Infocomm Research, A*Star, Singapore,

and as a senior research associate in CS Department, CityU. He won the Outstanding

Academic Performance Award during his doctoral study and is a recipient of