An empirical investigation of botnet as a service for cyberattacks

Badis Hammi, Sherali Zeadally, Rida Khatoun

Research output: Contribution to journalArticlepeer-review

8 Scopus citations


During the last years, cloud computing has emerged and imposed itself as a cost-effective solution for providing high quality Information Technology services. However, beyond a legitimate usage, the benefits of cloud computing are being exploited by attackers in nefarious ways and botnets are among the greatest beneficiaries of this malicious use. This botnet trend is a major issue because it strongly increases the power of massive distributed attacks when leveraging the capabilities of cloud service providers that do not have appropriate detection approaches in place to detect botnets exploiting cloud resources (also referred to as botclouds). We developed a free experimental intra–Cloud Service Provider (CSP) botnet that exploits CSPs' trial versions. We used this intra-CSP botnet to execute numerous TCP SYN flood and UDP flood attacks during one week. Our empirical results demonstrate that, contrary to what CSPs claim, all the CSPs (with the exception of one) we have tested still cannot detect or issued no warnings when malicious activities were launched from their cloud computing platforms. Besides, CSP's trial versions can easily be exploited to perpetrate large scale cyberattacks. We argue that efficient, cost-effective, scalable detection approaches that can detect botclouds need to be developed in the future to address this challenge.

Original languageEnglish
Article numbere3537
JournalTransactions on Emerging Telecommunications Technologies
Issue number3
StatePublished - Mar 2019

Bibliographical note

Publisher Copyright:
© 2018 John Wiley & Sons, Ltd.

ASJC Scopus subject areas

  • Electrical and Electronic Engineering


Dive into the research topics of 'An empirical investigation of botnet as a service for cyberattacks'. Together they form a unique fingerprint.

Cite this