Jason Jones
Last known affiliation: HP Inc
Jason Jones 🗣 | Marc Eisenbarth 🗣
Abstract
The problem of tracking botnets is not a new one, but still proves to be an important and fruitful research topic. We have been tracking many botnets for years using an internally built tracking system, which has undergone a number of significant improvements and changes over the years. The basic tenet is a language for implementing botnet command-and-control mechanisms and tracking the resulting infiltrated botnets. This paper will cover the evolution of this system, which offers a vignette of the evolution of the modern-day botnet itself. With this historical backdrop, we discuss our current monitoring mechanisms and selected botnet family case studies, highlighting results we have obtained from our system, and conclude by offering a toolkit which allows others to conduct similar investigations.