Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus

Dennis Andriesse, Christian Rossow, Brett Stone-Gross, Daniel Plohmann, Herbert Bos

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Zeus is a family of credential-stealing trojans which originally appeared in 2007. The first two variants of Zeus are based on centralized command servers. These command servers are now routinely tracked and blocked by the security community. In an apparent effort to withstand these routine countermeasures, the second version of Zeus was forked into a peer-to-peer variant in September 2011. Compared to earlier versions of Zeus, this peer-to-peer variant is fundamentally more difficult to disable. Through a detailed analysis of this new Zeus variant, we demonstrate the high resilience of state of the art peer-to-peer botnets in general, and of peer-to-peer Zeus in particular.

Original languageEnglish
Title of host publication2013 8th International Conference on Malicious and Unwanted Software [Proceedings]
Subtitle of host publication"The Americas", MALWARE 2013
Place of PublicationFajardo, Puerto Rico, USA
PublisherACM, IEEE Computer Society
Pages116-123
Number of pages8
ISBN (Print)9781479925339
DOIs
Publication statusPublished - 2013
Event2013 8th International Conference on Malicious and Unwanted Software: "The Americas", MALWARE 2013 - Fajardo, PR, United States
Duration: 22 Oct 201324 Oct 2013

Conference

Conference2013 8th International Conference on Malicious and Unwanted Software: "The Americas", MALWARE 2013
CountryUnited States
CityFajardo, PR
Period22/10/1324/10/13

Fingerprint Dive into the research topics of 'Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus'. Together they form a unique fingerprint.

  • Cite this

    Andriesse, D., Rossow, C., Stone-Gross, B., Plohmann, D., & Bos, H. (2013). Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus. In 2013 8th International Conference on Malicious and Unwanted Software [Proceedings]: "The Americas", MALWARE 2013 (pp. 116-123). [6703693] Fajardo, Puerto Rico, USA: ACM, IEEE Computer Society. https://doi.org/10.1109/MALWARE.2013.6703693