Article

The anatomy of Clickbot.A

Authors:

Neil Daswani,

Michael StoppelmanAuthors Info & Claims

HotBots'07: Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets

Page 11

Published: 10 April 2007 Publication History

Publisher Site

Abstract

This paper provides a detailed case study of the architecture of the Clickbot. A botnet that attempted a low-noise click fraud attack against syndicated search engines. The botnet of over 100,000 machines was controlled using a HTTP-based botmaster. Google identified all clicks on its ads exhibiting Clickbot. Alike patterns and marked them as invalid. We disclose the results of our investigation of this botnet to educate the security research community and provide information regarding the novelties of the attack.

References

[1]

{1} Panda Software and RSA Security dismantle a new online fraud, http://www.pandasoftware.com/ about_panda/press_room/Panda+Software+and+ RSA+Security+dismantle+a+new+online+fraud.htm

Google Scholar

[2]

{2} Swa Frantzen, CLICKbot, http://isc.sans.org/ diary.html?storyid=1334

Google Scholar

[3]

{3} Alexander Tuzhilin, The Lane's Gifts Vs. Google Report, http://googleblog.blogspot.com/pdf/Tuzhilin_Report.pdf

Google Scholar

[4]

{4} The SANS Institute, http://www.sans.org/

Google Scholar

[5]

{5} The PHP Hypertext Processor Home Page, http://www.php.net/

Google Scholar

[6]

{6} MySQL: The World's Most Popular Open-Source Database, http://www.mysql.com/

Google Scholar

[7]

{7} Panda Software Virus Encyclopedia: Clickbot.A, http://www.pandasoftware.com/virus_info/ encyclopedia/overview.aspx?IdVirus=118189&sind=0

Google Scholar

[8]

{8} Neil Daswani, Christoph Kern, Anita Kesavan, Foundations of Security: What Every Programmer Needs To Know, Apress 2007.

Digital Library

Google Scholar

[9]

{9} Reiter, M. K. and Anupam, V. and Mayer, A., Detecting Hit Shaving in Click-Through Payment Schemes, Proceedings of the 3rd USENIX Workshop on Electronic Commerce, 1998.

Digital Library

Google Scholar

Cited By

View all

Chua MYee GGu YLung C(2020)Threats to Online Advertising and CountermeasuresDigital Threats: Research and Practice10.1145/33741361:2(1-27)Online publication date: 29-May-2020
https://dl.acm.org/doi/10.1145/3374136
Nagaraja SShah R(2019)ClicktokProceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3317549.3323407(105-116)Online publication date: 15-May-2019
https://dl.acm.org/doi/10.1145/3317549.3323407
Shakiba TZarifzadeh SDerhami V(2018)Spam query detection using stream clusteringWorld Wide Web10.1007/s11280-017-0471-z21:2(557-572)Online publication date: 1-Mar-2018
https://dl.acm.org/doi/10.1007/s11280-017-0471-z
Show More Cited By

Index Terms

The anatomy of Clickbot.A

Recommendations

Anatomy of ransomware malware: detection, analysis and reporting

Rapidly increasing malware samples pose a serious threat to cyber security especially when they are not getting detected by security tools and techniques. Malware writers obfuscate the malware samples to conceal malicious code inside a legitimate ...
Worm anatomy and model
WORM '03: Proceedings of the 2003 ACM workshop on Rapid malcode

We present a general framework for reasoning about network worms and analyzing the potency of worms within a specific network. First, we present a discussion of the life cycle of a worm based on a survey of contemporary worms. We build on that life ...
Anatomy of malice [computer viruses]

As in controlling the spread of real diseases, the key to effective defenses against computer viruses is to understand the cause and mechanism of infection, not to focus on the symptoms. A computer virus that erases a user's files may seem very ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

HotBots'07: Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets

April 2007

11 pages

Publisher

USENIX Association

United States

Publication History

Published: 10 April 2007

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

43
Total Citations
View Citations
47
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Chua MYee GGu YLung C(2020)Threats to Online Advertising and CountermeasuresDigital Threats: Research and Practice10.1145/33741361:2(1-27)Online publication date: 29-May-2020
https://dl.acm.org/doi/10.1145/3374136
Nagaraja SShah R(2019)ClicktokProceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3317549.3323407(105-116)Online publication date: 15-May-2019
https://dl.acm.org/doi/10.1145/3317549.3323407
Shakiba TZarifzadeh SDerhami V(2018)Spam query detection using stream clusteringWorld Wide Web10.1007/s11280-017-0471-z21:2(557-572)Online publication date: 1-Mar-2018
https://dl.acm.org/doi/10.1007/s11280-017-0471-z
DeBlasio JGuha SVoelker GSnoeren AUhlig SMaennel O(2017)Exploring the dynamics of search advertiser fraudProceedings of the 2017 Internet Measurement Conference10.1145/3131365.3131393(157-170)Online publication date: 1-Nov-2017
https://dl.acm.org/doi/10.1145/3131365.3131393
Chen YKintis PAntonakakis MNadji YDagon DLee WFarrell M(2016)Financial Lower Bounds of Online Advertising AbuseProceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Volume 972110.1007/978-3-319-40667-1_12(231-254)Online publication date: 7-Jul-2016
https://dl.acm.org/doi/10.1007/978-3-319-40667-1_12
Vattikonda BDave VGuha SSnoeren ACho KFukuda KPai VSpring N(2015)Empirical Analysis of Search Advertising StrategiesProceedings of the 2015 Internet Measurement Conference10.1145/2815675.2815694(79-91)Online publication date: 28-Oct-2015
https://dl.acm.org/doi/10.1145/2815675.2815694
Chang WMohaisen AWang AChen SBao FMiller SZhou JAhn G(2015)Measuring Botnets in the WildProceedings of the 10th ACM Symposium on Information, Computer and Communications Security10.1145/2714576.2714637(645-650)Online publication date: 14-Apr-2015
https://dl.acm.org/doi/10.1145/2714576.2714637
Gañán CCetin Ovan Eeten MBao FMiller SZhou JAhn G(2015)An Empirical Analysis of ZeuS C&C LifetimeProceedings of the 10th ACM Symposium on Information, Computer and Communications Security10.1145/2714576.2714579(97-108)Online publication date: 14-Apr-2015
https://dl.acm.org/doi/10.1145/2714576.2714579
Zarras AKapravelos AStringhini GHolz TKruegel CVigna GWilliamson CAkella ATaft N(2014)The Dark Alleys of Madison AvenueProceedings of the 2014 Conference on Internet Measurement Conference10.1145/2663716.2663719(373-380)Online publication date: 5-Nov-2014
https://dl.acm.org/doi/10.1145/2663716.2663719
Pearce PDave VGrier CLevchenko KGuha SMcCoy DPaxson VSavage SVoelker GAhn GYung MLi N(2014)Characterizing Large-Scale Click Fraud in ZeroAccessProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2660369(141-152)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2660369
Show More Cited By

Abstract

References

Cited By

Index Terms

Recommendations

Anatomy of ransomware malware: detection, analysis and reporting

Worm anatomy and model

Anatomy of malice [computer viruses]

Comments

Information

Published In

Sponsors

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations