Botnets: A Study and Analysis



Abstract

Botnets are an emerging phenomenon that is becoming one of the most significant threats to cyber security and cyber crime, as they provide a distributed platform for several illegal activities such as launching distributed denial of service (DDoS), malware dissemination, phishing, identity theft, spamming, and click fraud. The defining characteristic of botnets is the use of command and control (C&C) channels through which they can be updated and directed. We investigate the state-of-the-art research on recent botnet analysis. This paper aims to provide a concise overview of existing botnets from multiple viewpoints. The major contribution of this paper is to identify the nature of the botnet problem and to find specific ways of detecting botnets.

Keywords: Botnets, C&C mechanisms, Botnet analysis, Botnet detection survey

1 Introduction

The explosive growth of the Internet provides greatly improved access to huge amounts of valuable data. However, numerous vulnerabilities are exposed, and the number of incidents is increasing over time. In particular, recent malicious attempts differ from old-fashioned threats: they are intended to obtain financial benefits through a large pool of compromised hosts. This alarming new type of threat endangers millions of people and network infrastructure around the world.

G. Kirubavathi (corresponding author) and R. Anitha
Department of Mathematics and Computational Sciences, PSG College of Technology, Coimbatore, India
e-mail: [email protected]
R. Anitha
e-mail: [email protected]

G. S. S. Krishnan et al. (eds.), Computational Intelligence, Cyber Security and Computational Models, Advances in Intelligent Systems and Computing 246, DOI: 10.1007/978-81-322-1680-3_23, © Springer India 2014


G. Kirubavathi and R. Anitha

Botnets are emerging as the most significant threat on the Internet [1]. A botnet is a collection of Internet-connected zombie computers, called bots, which are used for various malicious activities [2, 3]. A bot is a self-propagating application that infects vulnerable hosts through direct exploitation or Trojan insertion. It also performs user-centric tasks automatically, without any interaction from the user. Botnets with a large number of computers have enormous cumulative bandwidth and computing capability. They are exploited by the botmaster to initiate various malicious activities, such as e-mail spam, distributed denial-of-service attacks, password cracking, and key logging. The first generation of botnets used IRC channels as their command and control (C&C) centers. Because the centralized C&C mechanism of such botnets makes them vulnerable, they can easily be detected and removed. In recent years, botnets have used HTTP as their communication protocol [4]. HTTP bots request and download commands from Web servers under the control of the botmaster. These Web-based C&C bots try to blend into normal HTTP traffic, and hence detecting them is more difficult than detecting IRC bots. The new generation of botnets, which can hide their C&C, is Peer-to-Peer (P2P) botnets [5]. P2P
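The contrast drawn above between centralized IRC C&C (easy to spot) and HTTP C&C that blends into ordinary Web traffic can be made concrete with a small detector run over proxy log lines. The following is an added example written for this page; it is not code from the paper or its authors. The log format, hostnames, IP addresses and request sizes are constructed, port 6667 is assumed as the classic IRC port, and the thresholds (minimum client count, interval jitter, size spread) are arbitrary illustrative values. The HTTP side goes slightly beyond the text: it looks for the periodic, fixed-size polling ("beaconing") that command-fetching over HTTP leaves in the logs even though each request looks like a normal GET.

```python
"""Added example (not from the paper): two detectors that mirror the two
C&C generations discussed in the introduction, run over constructed logs.

- IRC C&C is centralized: many internal hosts connecting to one IRC server.
- HTTP C&C blends into Web traffic, but bots that poll a server for commands
  do so at a near-constant interval with near-constant response sizes.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed proxy/flow log, one record per line:
#   epoch_seconds src_ip dst_host dst_port method uri response_bytes
PROXY_LOG = """\
1700000000 10.0.0.5 irc.example-cc.test 6667 CONNECT - 0
1700000001 10.0.0.7 irc.example-cc.test 6667 CONNECT - 0
1700000002 10.0.0.9 irc.example-cc.test 6667 CONNECT - 0
1700000000 10.0.0.12 cmd.example-cc.test 80 GET /poll?id=42 312
1700000060 10.0.0.12 cmd.example-cc.test 80 GET /poll?id=42 312
1700000120 10.0.0.12 cmd.example-cc.test 80 GET /poll?id=42 314
1700000180 10.0.0.12 cmd.example-cc.test 80 GET /poll?id=42 312
1700000240 10.0.0.12 cmd.example-cc.test 80 GET /poll?id=42 311
1700000003 10.0.0.12 www.news.test 80 GET / 48213
1700000017 10.0.0.12 www.news.test 80 GET /story/1 22190
1700000205 10.0.0.12 www.news.test 80 GET /story/7 31877
1700000400 10.0.0.12 www.news.test 80 GET /sports 55002
"""

IRC_PORTS = {6667}            # assumption: classic IRC port; deployments vary
HTTP_PORTS = {80, 443, 8080}  # assumption: ports treated as Web traffic


def parse_log(text):
    """Parse the constructed log format into a list of dict records."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, host, port, method, uri, size = line.split()
        records.append({"ts": int(ts), "src": src, "host": host,
                        "port": int(port), "method": method,
                        "uri": uri, "bytes": int(size)})
    return records


def irc_cc_candidates(records, min_clients=3):
    """Centralized IRC C&C: flag IRC servers contacted by many internal hosts.

    Returns {server_host: [sorted client IPs]} for servers at/above threshold.
    """
    clients = defaultdict(set)
    for r in records:
        if r["port"] in IRC_PORTS:
            clients[r["host"]].add(r["src"])
    return {host: sorted(srcs) for host, srcs in clients.items()
            if len(srcs) >= min_clients}


def http_beacon_candidates(records, min_requests=4, max_jitter=0.1,
                           max_size_spread=0.05):
    """HTTP C&C polling: flag (src, host) pairs whose requests arrive at a
    near-constant interval with near-constant response sizes.

    jitter and size_spread are coefficients of variation (stddev / mean), so
    the thresholds are scale-free; a browsing session has large jitter.
    """
    by_pair = defaultdict(list)
    for r in records:
        if r["port"] in HTTP_PORTS:
            by_pair[(r["src"], r["host"])].append(r)
    flagged = {}
    for pair, reqs in by_pair.items():
        if len(reqs) < min_requests:
            continue
        reqs.sort(key=lambda r: r["ts"])
        gaps = [b["ts"] - a["ts"] for a, b in zip(reqs, reqs[1:])]
        sizes = [r["bytes"] for r in reqs]
        gap_mean, size_mean = mean(gaps), mean(sizes)
        if gap_mean == 0 or size_mean == 0:
            continue
        jitter = pstdev(gaps) / gap_mean
        size_spread = pstdev(sizes) / size_mean
        if jitter <= max_jitter and size_spread <= max_size_spread:
            flagged[pair] = {"interval_s": gap_mean, "requests": len(reqs),
                             "jitter": round(jitter, 3)}
    return flagged


if __name__ == "__main__":
    recs = parse_log(PROXY_LOG)
    print("IRC C&C candidates:", irc_cc_candidates(recs))
    print("HTTP beacon candidates:", http_beacon_candidates(recs))
```

On the constructed log the IRC rule fires on the single server three hosts connect to, and the beacon rule flags the 60-second polling of cmd.example-cc.test while leaving the irregular, variable-size browsing of www.news.test alone; this is the difference the text describes between a centralized channel that is trivially visible and HTTP C&C that must be told apart from legitimate Web traffic by its timing rather than by its protocol.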