Botnet?

• Botnet is a network of compromised computers fallen under the control of hackers after infected by malicious programs such as trojan viruses.


• While users are oblivious, they carry our malicious tasks such as mass spamming, large-scale DDoS, additional trojans, becoming one of the most serious threats to the internet infrastructure of today.

Goal of Project

• Introduce a method to uncover such botnets, characterize their behaviors, and model their evolution patterns using email log records

• Analyzed more than 12 billion email records collected from 7,370 different domains in Korea over a period of 14 months.


• Introduced noble methods for indentifying spam campaigns, grouping campaign variants via behavioral characterization of the campaigns, and detecting evolution patterns of fast evolving botnets.


• Discovered 51 million IPs used by the compromised machines from 230 nations, comprising 68% of IPs in the logs, and 9.6 billion spam mails originating from them, comprising 80% of emails in the logs.