posted by user: gkvk70 || 8125 views || tracked by 10 users: [display]

CRC-Botnets 2018 : Botnets: Architectures, Countermeasures, and Challenges

FacebookTwitterLinkedInGoogle

 
When N/A
Where N/A
Submission Deadline Dec 31, 2018
Notification Due Feb 28, 2019
Final Version Due Mar 31, 2019
Categories    botnets   security   IOT   network security
 

Call For Papers

Book Title: Botnets: Architectures, Countermeasures, and Challenges
To be published by CRC Series in Security, Privacy and Trust - Taylor & Francis

Introduction:
Botnets pose a growing threat to the Internet, with distributed denial-of-service (DDoS) attacks of any kind carried out by botnets to be on the rise. In the Internet of Everything (IoE) era, a botnet army can be assembled using a variety of enslaved machines, including desktop computers, smartphones, wearables, and embedded devices. These multitudinous armies are controlled remotely by a malicious third party, known also as the botmaster or bothearder. Recent botnet examples, such as the case of the Mirai botnet, prove that it is quite straightforward to discover and remotely control thousands or millions unmonitored and poorly protected devices. The mushrooming of cheap Internet of Things (IoT) devices deployed with the default settings and left unattended gives rise to even greater concerns that mightier in population and power botnets are about to surface.
To stay off the radar, and increase the resilience of their botnet, botmasters employ covert command and control (C&C) channels for keeping in touch with the bots and disseminate their instructions. Nowadays, they even hide their C&C servers inside the vast cloud computing infrastructure and take advantage of robust anonymity networks like Tor and I2P. To do so, a botmaster takes advantage of a variety of architectures, namely centralized, decentralized and hybrid, rely on network protocols, including HTTP, IRC, DNS, P2P, and exploits techniques like fast-fluxing, domain generation algorithm (DGA) and network domain fronting. On the other hand, the efforts of the defenders are focusing on the timely detection and hijacking of the C&C channel to isolate the bots from their controller. Besides launching DDoS attacks, botnets are used for spam campaigns, sensitive data harvesting, distribution of malware, cryptocurrency mining, defamation campaigns, to name a few. In fact, a botnet is the perfect means to exercise economically profitable low-risk criminal activities. Typically, the botmaster leases their infrastructure to potential customers for accomplishing their goals. So, even for the naive attacker, it is easy to hire for a specific period the service of a botnet in order to achieve their nefarious desires, while the accumulative revenue for the botmaster are huge. Perhaps, the most popular service, which actually sells access to DDoS botnets is well-known as DDoS-for-hire or euphemistically “Stresser”. Of course, all these botnet services are created by cybercrime-as-a-service producers. Even more, with the exploitation of the infected machines’ computer power for cryptocurrency mining, the profit of the botmaster can be significantly increased, while the trace-back of the revenues is rendered impossible.

Objective of the book:
The objective of this edited book is to attract solid, state-of-the-art contributions from both scientists and practitioners working on botnet detection and analysis, including botnet economics. We seek original theoretical or empirical chapters dealing with both offensive and defensive aspects in this field. Particularly, a chapter may address fundamental theory, current trends and techniques for evading detection, as well as practical experiences concerning detection and defensive strategies for the botnet ecosystem. Surveys, simulations, practical results and case studies are also welcomed.

Topics:
We seek contributions in the following four broad categories of topics pertaining to botnets:

Botnet modeling, topologies, and architectures
- Centralized, decentralized and hybrid botnet architectures
- Peer to peer (P2P) botnets
- Mobile botnets
- IoT-based botnets
- Cloud-based botnets
- Social network botnets

Economics of botnets
- Cybercrime and underground economy
- Optimization of botnet size
- Strategies to reduce the profitability of criminal botnets
- Methods to calculate the territorial sizes for online criminal networks
- Botnet-as-a-Service, Booters, Stressers

Advanced C&C channels:
- Botnet behavior and protocol modeling and analysis
- Fast-fluxing
- Domain Generation Algorithms

State-of-the-art in detection and mitigation of botnets:
- Botnet-powered DDoS attacks
- Botnet infiltration
- Botnet shutdown operation
- DGA-based domain name sinkholing
- Traffic monitoring and big data analysis of botnet coordination
- Graph representation and analysis of botnets
- SDN-based botnet detection and blocking
- Cryptocurrency mining botnets
- Legal issues

Chapter Proposals/Full Chapters submission:
Chapter proposals and full chapters can be submitted using email attachments to editors via email (gkamb@aegean.gr) with the email subject of "Chapters for Botnets: Architectures, Countermeasures, and Challenges". Authors of accepted proposals will be notified 2-3 weeks after the submission, but final acceptance will still depend upon a review of the resulting chapter.

Authors should send the chapters in single column format (single spaced, 10 point Times Roman font, 8.5 x 11-inch page size).
-The maximum number of pages for the proposal is 2.
-The full chapter submission can have about 16 to 25 pages, but more are allowed.

Important dates:
Full Chapter Submission: Dec. 31, 2018
Notification: Feb. 28, 2019
Final Chapter Submission: March 31, 2019

Editor Information:
Dr. Georgios Kambourakis
University of the Aegean, Greece
gkamb@aegean.gr

Dr. Marios Anagnostopoulos
Technology and Design (SUTD), Singapore
marios_a@sutd.edu.sg

Dr. Weizhi Meng
Technical University of Denmark (DTU)
weme@dtu.dk

Dr. Peng Zhou
Shanghai University, China
pzhou@shu.edu.cn

Related Resources

EAIoT-SI 2022   Special Issue on Enterprise Architectures in the IoT Era - Challenges, Solutions, and Recommendations -
S&P 2022   IEEE Symposium on Security and Privacy (Third deadline)
CRC--IEEE, Ei Compendex, Scopus 2021   IEEE--2021 the 6th International Conference on Control, Robotics and Cybernetics (CRC 2021)--Ei Compendex, Scopus
IoTBDS 2022   7th International Conference on Internet of Things, Big Data and Security
IEEE--CRC--Ei, Scopus 2021   IEEE--2021 the 6th International Conference on Control, Robotics and Cybernetics (CRC 2021)--Ei Compendex, Scopus
ICISSP 2022   8th International Conference on Information Systems Security and Privacy
blockchain_ml_iot 2021   Network and Electronics (MDPI) Joint Special Issue - Blockchain and Machine Learning for IoT: Security and Privacy Challenges
Taylor & Francis/CRC Press 2022   Blockchain and Artificial Intelligence Solution to Enhance the Privacy in Digital Identity and Internet of Things
IJCCMS 2021   International Journal of Chaos, Control, Modelling and Simulation
DLIS 2022   Deep Learning for IoT Security - Frontiers in Big Data Journal