Published on November 14th, 2009 📆 | 6768 Views ⚑0
Botnet Infiltration using Automatic Protocol Reverse-Engineering
Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering
Automatic protocol reverse-engineering is important for many security applications,including the analysis and defense against botnets.Understanding the command-and control (C&C) protocol used by a botnet is crucial for anticipating its repertoire of nefarious activity and to enable active botnet infiltration. Frequently, security analysts need to rewrite messages sent and received by a bot in order to contain malicious activity and to provide the botmaster with an illusion of successful and unhampered operation.