A group of security researchers have developed an automated "honeybot" system for protecting against the use of social botnets, such as the infamous Koobface, an increasingly popular strategy for spreading malware and spam via Facebook and Twitter.
A team of computer scientists from the University of Illinois at Urbana-Champaign and the University of Washington have created a system called Sodexo, which aims to study social botnets from the inside and works out how to take them down
Social botnets are created via infected user’s device and compromise their social networking accounts. The compromised account is then used to send spam messages to the user’s contacts, containing links to websites with the executable malware.
To sneak into the social botnet, Sodexo creates fake accounts and farms out a series of friend requests, until it achieves a critical mass.
It then simply watches its social network on the look out for links to follow – once it finds one linking to unblocked malware, it can simply follow it and become part of the social botnet.
This honeypot then goes in to exploitation mode, where it attempts to glean as much information as possible about the workings of the botnet.
Sodexo uses a combination of data mining and machine learning techniques to infer the structure of the botnet and identify command and control channels.
It can also help detect signatures for malware and spam, to improve the efficacy of intrusion detection systems and spam filters and even alert users.
According to the team's research paper, Sodexo was able to learn enough about social botnets to be able to restrict their lifespan to a mere five days, helping wipe out botnet populations on the systems they studied.
“Deploying deception through honeybots signiﬁcantly reduces the botnet population, even when the number of honeybots is small relative to the population size,” they concluded.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally