NETS: Small: Exploiting Social Communication Channels Against Cyber Criminals
Malware, especially botnets, has become the main source of most attacks and malicious activities on the Internet. Bots communicate with each other and with Command & Control servers to coordinate their malicious activities. This project is developing new techniques and tools to detect malicious activities and botnets by analyzing their communication channels. The project plans to investigate several novel mechanisms for detecting these communication channels: (i) graph analysis of social contacts, (ii) analysis of the graph properties of communication to decipher the peer-to-peer communication properties of bots, and (iii) machine-learning-based approaches to analyzing network traffic. The automation required to propagate malicious content and malware will result in behavior that differs from human behavior in these communication channels. We expect the generated names, the content, the timing of contacts and communication, and the social graph structures to be sufficiently different to enable us to develop techniques for detecting malicious entities. Our work focuses on developing robust techniques that are hard to evade, or that limit the botnet's functions when it tries to evade the detection mechanisms. The analysis tools developed will help in detecting botnets in networks and malicious entities in social networks. Educational impact will include training graduate and undergraduate students with valuable research skills while advancing the state of the art in network security and traffic analysis, contributing to the technology workforce. We will publish our results and enable technology transfer to industry.