№1, 2018


Yadigar N. Imamverdiyev, Gulnara B. Garayeva

Botnet is a network of infected with malware and remotely controlled computers. In recent years, rapid increase in the scale of botnets, their use in cybercrime purposes and tangible and intangible damages stemming from botnets demonstrate the importance of a comprehensive struggle with them. The paper studies directions, methods and stakeholders of fight against botnets and analyzes anti-botnet initiatives at international, national, social and individual levels (pp.32-40).

Keywords: botnet, cybersecurity, cyberspace, Internet Service Providers, anti-botnet initiatives.
  • Tiirmaa-Klaar H. Cyber security threats and responses at global, nation-state, industry and individual levels. Ceri SciencesPo. 2011, pp.1–10.
  • Schmidt A.At the boundaries of peer production: The organization of Internet security production in the cases of Estonia 2007 and Conficker // Telecommunications Policy, 2012, vol.36, no.6, pp.451–461.
  • Wilson C. Botnets, cybercrime, and cyberterrorism: Vulnerabilities and policy issues for congress. Library of Congress Washington DC Congressional Research Service. 2008, 43 p.
  • Herzog S. Revisiting the Estonian cyber attacks: Digital threats and multinational responses // Journal of Strategic Security, 2011, vol.4, no.2, pp.49–60.
  • Tiirmaa-Klaar H., Gassen J., Gerhards-Padilla E., Martini P. Botnets, cybercrime and national security. Botnets. Springer London, 2013, pp.1–40.
  • Plohmann D., Gerhards-Padilla E., Leder F. Botnets: Detection, measurement, disinfection & defence. ENISA Report. 2011, 154 p.
  • Plohmann D., Gerhards-Padilla E., Leder F. 10 Hard questions on botnet mitigation. ENISA Report, 2011, 18 p.
  • Vihul L., Czosseck C., Ziolkowski K., Aasmann L., et al. Legal implications of countering botnets. Joint report from the NATO Cooperative Cyber Defence Centre of Excellence and the European Network and Information Security Agency (ENISA), 2012, 67 p.
  • Van Eeten M., Bauer J.M., Asghari H., Tabatabaie S., Rand D. The role of Internet Service Providers in botnet mitigation: an empirical analysis based on spam data / Workshop on the Economics of Information Security (WEIS), 2010, pp.1–31.
  • Sood A.K., Enbody R.J. Crimeware-as-a-service − survey of commoditized crimeware in the underground market // International Journal of Critical Infrastructure Protection, 2013, vol.6, no.1, pp.28–
  • Leder F., Werner T., Martini P. Proactive botnet countermeasures: an offensive approach. The Virtual Battlefield: Perspectives on cyber warfare. IoS Press. 2009, vol.3, pp.211–
  • ITU Botnet Mitigation Toolkit: Background Information. ITU Telecommunication Development Sector, ICT Applications and Cybersecurity Division, 2008, 78 p.
  • Rutkowski A., Kadobayashi Y., Furey I., Rajnovic D., Martin R., Takahashi T., Schultz C., Reid G., Schudel G., Hird M., Adegbite S. CYBEX: the cybersecurity information exchange framework (x.1500) // ACM SIGCOMM Computer Communication Review, 2010, vol.40, no.5, pp.59–
  • Pijpker J., Vranken H. The role of Internet Service Providers in botnet mitigation / European Intelligence and Security Informatics Conference, 2016, pp.24–
  • Nadji Y., Antonakakis M., Perdisci R., Dagon D., Lee W. Beheading hydras: performing effective botnet takedowns / Proc. of the ACM SIGSAC conference on Computer & communications security, 2013, pp.121–
  • Asghari H., Ciere M., Van Eeten M.J. Post-mortem of a zombie: Conficker cleanup after six years / Proc. of the 24th USENIX Security Symposium, 2015, pp.1–
  • Sully M., Thompson M. The deconstruction of the Mariposa botnet. Defence Intelligence. 2010, 32 p.
  • Sinha P., Boukhtouta A., Belarde V.H., Debbabi M. Insights from the analysis of the Mariposa botnet / Proc. of the 5th International Conference on Risks and Security of Internet and Systems (CRiSIS), 2010, pp.1–
  • Gold S. Taking down botnets // Network Security, 2011, vol.2011, no.5, pp.13–15.
  • Shirazi R. Botnet Takedown Initiatives: A Taxonomy and Performance Model // Technology Innovation Management Review, 2015, vol.5, no.1, pp.15–20.
  • Salles R., Gu, Swimmer M. Editorial for Computer Networks special issue on ‘‘Botnet Activity: Analysis, Detection and Shutdown’’ // Computer Networks, 2013, vol.57, no.2, pp.375–377.
  • German Anti-Botnet Initiative. http://www.botfrei.de
  • Karge S. The German Anti-Botnet Initiative / OECD Workshop: The role of Internet intermediaries in advancing public policy objectives, 2011, pp.1–
  • Schless T., Vranken H. Counter botnet activities in the Netherlands: a study on organisation and effectiveness / Proc. of the 8th International Conference for Internet Technology and Secured Transactions (ICITST), 2013, pp.442–
  • Editors: “The Australian Internet Security Initiative – Internet triage in action?” // ACMAsphere Newsletter, 2010, Issue 51, pp.14–15. 
  • The Australian Internet Security Initiative: Interviews with industry Participants. Australian Communications and Media Authority (ACMA) Report. October 2015, 62 p.
  • S. Anti-Bot Code of Conduct (ABC) for Internet Services Providers (ISPs): Barrier and Metric Considerations. The Communications Security, Reliability and Interoperability Council (CSRIC) Final Report, March 2013, 99 p.
  • Cyber Clean Center Japan. https://telecom-isac.jp/ccc/en_index.html
  • Krebs B. PCs Used in Korean DDoS Attacks May Self Destruct. Washington Post Security Fix Blog, 2009.
  • Information Security in Korea – “Safe Internet, Happy Future!”. Korea Internet Security Agency (KISA) Report, 2015, 55 p.
  • Opperman D. Internet Governance and Cybersecurity in Brazil. In book: Multilateral Security Governance. KAS Rio de Janeiro, 2014, pp.167–181.
  • Irion K. The governance of network and information security in the European Union: the European Public-Private Partnership for Resilience (EP3R). In book: The Secure Information Society. Springer London, 2013, pp.83–116.