CRC-Botnets 2018 : Botnets: Architectures, Countermeasures, and Challenges
Call For Papers
Book Title: Botnets: Architectures, Countermeasures, and Challenges
To be published by CRC Series in Security, Privacy and Trust - Taylor & Francis
Botnets pose a growing threat to the Internet, with distributed denial-of-service (DDoS) attacks of any kind carried out by botnets to be on the rise. In the Internet of Everything (IoE) era, a botnet army can be assembled using a variety of enslaved machines, including desktop computers, smartphones, wearables, and embedded devices. These multitudinous armies are controlled remotely by a malicious third party, known also as the botmaster or bothearder. Recent botnet examples, such as the case of the Mirai botnet, prove that it is quite straightforward to discover and remotely control thousands or millions unmonitored and poorly protected devices. The mushrooming of cheap Internet of Things (IoT) devices deployed with the default settings and left unattended gives rise to even greater concerns that mightier in population and power botnets are about to surface.
To stay off the radar, and increase the resilience of their botnet, botmasters employ covert command and control (C&C) channels for keeping in touch with the bots and disseminate their instructions. Nowadays, they even hide their C&C servers inside the vast cloud computing infrastructure and take advantage of robust anonymity networks like Tor and I2P. To do so, a botmaster takes advantage of a variety of architectures, namely centralized, decentralized and hybrid, rely on network protocols, including HTTP, IRC, DNS, P2P, and exploits techniques like fast-fluxing, domain generation algorithm (DGA) and network domain fronting. On the other hand, the efforts of the defenders are focusing on the timely detection and hijacking of the C&C channel to isolate the bots from their controller. Besides launching DDoS attacks, botnets are used for spam campaigns, sensitive data harvesting, distribution of malware, cryptocurrency mining, defamation campaigns, to name a few. In fact, a botnet is the perfect means to exercise economically profitable low-risk criminal activities. Typically, the botmaster leases their infrastructure to potential customers for accomplishing their goals. So, even for the naive attacker, it is easy to hire for a specific period the service of a botnet in order to achieve their nefarious desires, while the accumulative revenue for the botmaster are huge. Perhaps, the most popular service, which actually sells access to DDoS botnets is well-known as DDoS-for-hire or euphemistically “Stresser”. Of course, all these botnet services are created by cybercrime-as-a-service producers. Even more, with the exploitation of the infected machines’ computer power for cryptocurrency mining, the profit of the botmaster can be significantly increased, while the trace-back of the revenues is rendered impossible.
Objective of the book:
The objective of this edited book is to attract solid, state-of-the-art contributions from both scientists and practitioners working on botnet detection and analysis, including botnet economics. We seek original theoretical or empirical chapters dealing with both offensive and defensive aspects in this field. Particularly, a chapter may address fundamental theory, current trends and techniques for evading detection, as well as practical experiences concerning detection and defensive strategies for the botnet ecosystem. Surveys, simulations, practical results and case studies are also welcomed.
We seek contributions in the following four broad categories of topics pertaining to botnets:
Botnet modeling, topologies, and architectures
- Centralized, decentralized and hybrid botnet architectures
- Peer to peer (P2P) botnets
- Mobile botnets
- IoT-based botnets
- Cloud-based botnets
- Social network botnets
Economics of botnets
- Cybercrime and underground economy
- Optimization of botnet size
- Strategies to reduce the profitability of criminal botnets
- Methods to calculate the territorial sizes for online criminal networks
- Botnet-as-a-Service, Booters, Stressers
Advanced C&C channels:
- Botnet behavior and protocol modeling and analysis
- Domain Generation Algorithms
State-of-the-art in detection and mitigation of botnets:
- Botnet-powered DDoS attacks
- Botnet infiltration
- Botnet shutdown operation
- DGA-based domain name sinkholing
- Traffic monitoring and big data analysis of botnet coordination
- Graph representation and analysis of botnets
- SDN-based botnet detection and blocking
- Cryptocurrency mining botnets
- Legal issues
Chapter Proposals/Full Chapters submission:
Chapter proposals and full chapters can be submitted using email attachments to editors via email (firstname.lastname@example.org) with the email subject of "Chapters for Botnets: Architectures, Countermeasures, and Challenges". Authors of accepted proposals will be notified 2-3 weeks after the submission, but final acceptance will still depend upon a review of the resulting chapter.
Authors should send the chapters in single column format (single spaced, 10 point Times Roman font, 8.5 x 11-inch page size).
-The maximum number of pages for the proposal is 2.
-The full chapter submission can have about 16 to 25 pages, but more are allowed.
Full Chapter Submission: Dec. 31, 2018
Notification: Feb. 28, 2019
Final Chapter Submission: March 31, 2019
Dr. Georgios Kambourakis
University of the Aegean, Greece
Dr. Marios Anagnostopoulos
Technology and Design (SUTD), Singapore
Dr. Weizhi Meng
Technical University of Denmark (DTU)
Dr. Peng Zhou
Shanghai University, China