Friday, January 1, 2010

Walowdac - Analysis of a Peer-to-Peer Botnet

In this paper, we present the results of yet another analysis of Waledac.Our focus was to try and verify previous measure-ments as well as building and refining tools to study the botnet efficiently.In contrast to the analysis of previous decentralized botnets,a sim-ple crawling of active peers was no solution to gather in-depth information like the size of the botnet. Instead, we implemented a bot clone to infiltrate the network and capture all data passing through this system. Furthermore, to measure the size we actively interfered with the botnet to inject the IP addresses of our analysis systems, a method not applied before

Download PDF

No comments: