UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Full Cycle Analysis of a Large-scale Botnet Attack on Twitter

Besel, C; Echeverria, J; Zhou, S; (2018) Full Cycle Analysis of a Large-scale Botnet Attack on Twitter. In: Brandes, U and Reddy, C and Tagarelli, A, (eds.) Proceedings of 2018 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). (pp. pp. 170-177). IEEE: Barcelona, Spain. Green open access

[thumbnail of BotnetSpammingAttack_plain format.pdf]
Preview
Text
BotnetSpammingAttack_plain format.pdf - Accepted Version

Download (957kB) | Preview

Abstract

This work presents an in-depth forensic analysis of a large-scale spam attack launched by one of the largest Twitter botnets reported in academic literature. The Bursty botnet contains over 500,000; many of which have not been suspended. The bots have generated over 2.8 million spam tweets, with 2.2 million mentions directly targeting over 1.3 million distinct Twitter users. We reveal that the botnet used a network of URL shortening services and redirections to obfuscate the real landing pages. We show that users clicked on these URLs shortly after they were published and in large numbers. We even discovered the botmaster who was behind the whole operation, including creation of the Bursty botnet and registration of the several landing pages, which happen to be phishing websites. Furthermore, we found that this botmaster is still active selling Twitter bot related services. Our work reconstructs the complete course of the spam attacks, from planning to execution. This work provides in depth analysis and insight into the operation of cybercriminals on Twitter, and the cyberspace infrastructure and black-markets that they rely on. Finally, we address how the state-of-the-art bot classifiers are unable differentiate the Bursty bots from normal users, highlighting the need and importance of individual botnet analysis.

Type: Proceedings paper
Title: Full Cycle Analysis of a Large-scale Botnet Attack on Twitter
Event: IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM) - 2018
Location: Barcelona, SPAIN
Dates: 28 August 2018 - 31 August 2018
ISBN: 978-1-5386-6051-5
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/ASONAM.2018.8508708
Publisher version: https://doi.org/10.1109/ASONAM.2018.8508708
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
UCL classification: UCL
UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10074237
Downloads since deposit
421Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item