Botnet Intelligence Through Infiltration

Status: Ongoing

We are developing techniques and refining our capability to perform experiments that infiltrate botnets under our control. To this end, we are developing passive (e.g., decoding the command-and-control messages and understanding their effects), active (e.g., responding to status requests), and adversarial (e.g., sending messages to induce some action) techniques for botnets.

Our experiments are designed to exercise a range of effective anti-botnet stratagems, including intelligence gathering on botnet operations, botmaster attribution, and the countermanding of the entire command-and-control infrastructure.


