dc.description.abstract |
We propose Stegobot, a new generation botnet that communicates
over probabilistically unobservable communication channels.
It is designed to spread via social malware attacks and steal information
from its victims. Unlike conventional botnets, Stegobot tra c does
not introduce new communication endpoints between bots. Instead, it is
based on a model of covert communication over a social-network overlay
{ bot to botmaster communication takes place along the edges of a social
network. Further, bots use image steganography to hide the presence of
communication within image sharing behavior of user interaction. We
show that it is possible to design such a botnet even with a less than
optimal routing mechanism such as restricted
ooding. We analyzed a
real-world dataset of image sharing between members of an online social
network. Analysis of Stegobot's network throughput indicates that
stealthy as it is, it is also functionally powerful { capable of channeling
fair quantities of sensitive data from its victims to the botmaster at tens
of megabytes every month |
en_US |