Controlling a Cyber-Army: Modern Botnet Architecture
In the last few years there has been a media frenzy regarding so-called "Super Botnets" composed of (supposedly) millions of hosts and organized into a vast network called a "botnet". Bots like Stormworm, Waledac, Mega-D and recently Conficker have all been reported to have millions of infections. What isn't reported in the media, though, is how incredibly sophisticated the architecture of these botnets really is. These bots have been dialed up to 11. This presentation will focus in detail on how the big botnets work, including aspects of how their P2P (peer-to-peer) and C&C (command-and-control) mechanisms work.
Brandon Enright
Brandon Enright enjoys dabbling in network security and is currently employed at UC San Diego, where he spends some of his time with operational security and the rest with malware, botnet and spam research. He presented on the Storm botnet at ToorCon 9.