Botnet Business Models, Takedown Attempts, and the Darkweb Market: A Survey

Author:

Georgoulias Dimitrios (1), Pedersen Jens Myrup (1), Falch Morten (1), Vasilomanolakis Emmanouil (2)

Affiliation:

1. Aalborg University, Copenhagen, Denmark

2. Technical University of Denmark, Kongens Lyngby, Denmark

Abstract

Botnets account for a substantial portion of cybercrime. Botmasters utilize darkweb marketplaces to promote and provide their services, which can vary from renting or buying a botnet (or parts of it) to hiring services (e.g., distributed denial of service attacks). At the same time, botnet takedown attempts have proven to be challenging, demanding a combination of technical and legal methods, and often requiring the collaboration of a plethora of entities with varying jurisdictions. In this article, we map the elements associated with the business aspect of botnets and utilize them to develop adaptations of two widely used business models. Furthermore, we analyze the 28 most notable botnet takedown operations carried out from 2008 to 2021, in regard to the methods employed, and illustrate the correlation between these methods and the segments of our adapted business models. Our analysis suggests that the botnet takedown methods have been mainly focused on the technical side, but not on the botnet economic components. We aim to shed light on new takedown vectors and incentivize takedown actors to expand their efforts to methods oriented more toward the business side of botnets, which could contribute toward eliminating some of the challenges that surround takedown operations.

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science, Theoretical Computer Science


Cited by 2 articles.

1. Methodological Approach for Identifying Websites with Infringing Content via Text Transformers and Dense Neural Networks;Future Internet;2023-12-09

2. Cheaper than you thought? A dive into the darkweb market of cyber-crime products;Proceedings of the 18th International Conference on Availability, Reliability and Security;2023-08-29
