Scenario | Capture name | Size | Bot
S11 | CTU-Malware-13 | 305 MB | Murlo
S12 | CTU-Malware-42 | 5.75 GB | Neris
S13 | CTU-Malware-44 | 4.78 GB | Rbot
S14 | CTU-Malware-46 | 371 MB | Virut
S15 | CTU-Malware-47 | 3.05 GB | Menti
S16 | CTU-Malware-78 | 6.3 GB | Zeus
S17 | CTU-Malware-116 | 317 MB | Kazy
Table 14: Proof for the detection of C&C channels.
Botnet name | Type | Portion of dataset
Rbot | IRC, DDoS, US | 0.1%
Virut | SPAM, PS, HTTP | 0.485%
Menti | PS | 3.89%
Sogou | HTTP | 0.035%
Murlo | PS | 1.64%
Neris | IRC, SPAM, CF, PS | 31.3%
Table 3: Distribution of botnet types in the testing dataset.
was perpetrated by organized crime groups that intended to use infected machines to steal data such as credit card numbers, or to extort companies with infected networks.
Comparison among intrusion datasets
Name of the dataset | Categories of attacks | Benchmark (B)/Non-benchmark (N) | Traffic type (normal[N]/attack[A]) | Real/Non-real time
KDDCup99 | DoS, Probe, u2r, r2l | B | Both | N
LBNL | -- | B | Both | N
End-point | Zotob.G, Forbot-FU, Sdbot-AFR, Dloader-NY, So-Big.E@mm, MyDoom.A@mm, Blaster, Rbot-AQJ, RBOT.CCC | N | Both | N
Network Traces | -- | N | N/A | R
NetFlow | -- | N | N/A | R
Over 100 US companies are reported to have been infected by the worms, which include IRCBOT.WORM and RBOT.CBQ, and the infected PCs were repeatedly restarted.
The creators of Mytob, a combination of source codes from previous threats MyDoom and Rbot, appear to be a group of virus writers called HeUbot.
Tickers featured: ALGN, ARTC, AZA, BCR, BOL, CHF, EYE, GDT, IDXX, ISRG, JNJ, MDT, RBOT, SRCL, THOR, TMO, TYC, VMSI.
(MAB223) GORDON ROGERS - COMPUTER MOTION INC (RBOT
According to media reports, the upper house of the Italian Senate in Rome ground to a halt as it was hit by one of the many variants of the Rbot worm.
The Rbot family of worms includes backdoor functionality which allows remote hackers to gain access to infected computers, steal information and even--in some cases--monitor computer users via their webcams.
(LAS245) GORDON ROGERS - COMPUTER MOTION INC (RBOT
(HBOC), Access Health (ACCS), IDX Systems (IDXC), QuadraMed (QMDC), Quintiles (QTRN), PAREXEL International (PRXL), Boron LePore & Associates (BLPG), Bristol-Myers Squibb (BMY), Professional Detailing (PDII), Glaxo Wellcome (GLX), Healthworld (HWLD), MedPartners (MDM), PhyCor (PHYC), Focal (FOCL), Perclose (PERC), ArthroCare (ARTC), Theragenics (THRX), Novoste (NOVT), Computer Motion (RBOT), STERIS (STRL), ESC Medical Systems (ESCMF).