Portfolio optimization of computer and mobile botnets

  • Regular contribution
International Journal of Information Security

Abstract

A botnet, a network of compromised computers controlled by botmasters, can perform various forms of malicious attacks, and botnets have emerged as one of the top security problems yet to be solved. Traditionally, botmasters have focused on herding computers. As mobile computing devices such as smartphones and tablets become increasingly popular, more targets are exposed to hacking risks. While technical approaches have so far achieved limited results, we study the botnet problem from an alternative angle, i.e., the economic perspective of the botnet industry. In this paper, we play devil’s advocate and think from the perspective of botmasters, i.e., how botmasters can evolve to maximize their profits in response to changing technologies. We adopt the concept of portfolio management, in which botmasters run their business by maintaining an optimal portfolio of PC and mobile devices to diversify risk and maximize the profits of the entire botnet industry. On the other hand, users may also maximize their utility function by keeping an optimal portfolio of network activities and data on their computers and mobile devices. The strategic play between botmasters and users is modeled in a game-theoretical framework. Various equilibrium solutions are discussed in terms of their welfare implications for botmasters and users. Understanding the optimal portfolio choice of botmasters provides insight for defenders, especially in evolving and diversified computing environments.

Notes

  1. Throughout the paper, the terms “computer botnets” and “PC botnets” are used interchangeably.

  2. The commonly used square root utility function satisfies both increasing and concave properties of utility. The specified probability function is increasing in user activity level and generates probability values ranging between 0 and 1. The theoretical proof of optimality does not depend on the specified functional forms.

Author information

Corresponding author

Correspondence to Qi Liao.

Cite this article

Liao, Q., Li, Z. Portfolio optimization of computer and mobile botnets. Int. J. Inf. Secur. 13, 1–14 (2014). https://doi.org/10.1007/s10207-013-0206-9
