Botnet, a network of compromised computers controlled by botmasters, can perform various forms of malicious attacks and has emerged as one of the top security problems yet to be solved. Traditionally, botmasters have been focusing on herding computers. As mobile computing devices such as smart phones and tablets are becoming increasingly popular, there are more targets exposed to hacking risks. While technical approaches have so far received limited results, we study the botnet problem from an alternative angle, i.e., economic perspectives of botnet industry. In this paper, we play devil's advocate and think from the perspective of botmasters, i.e., how botmasters can evolve to maximize their profits in response to changing technologies. We adopt the concept of portfolio management, in which botmasters run their business through maintaining an optimal portfolio of PC and mobile devices to diversify risk and maximize profits of entire botnet industry. On the other hand, users may also maximize their utility function by keeping an optimal portfolio of network activities and data on their computers and mobile devices. The strategic playing by botmasters and users is modeled in a game theoretical framework. Various equilibrium solutions are discussed in terms of their welfare implications to botmasters and users. Understanding the optimal portfolio choice by botmasters provides insight for defenders, especially with evolving and diversified computing environments.
- Game theory
- Portfolio management