Analysis and Detection of Botnets and Encrypted Tunnels
Abstract
A botnet is a collection of compromised systems. A botnet has a bot-master, who identifies vulnerable systems, compromises them by injecting malware, and remotely controls all of the compromised systems through a Command-and-Control infrastructure. These compromised systems are bots; thus, a botnet is a network of bots. The bots receive commands from the bot-master to perform various malicious activities such as Distributed Denial of Service (DDoS) attacks, phishing, and sending spam emails. Botnets have become a major threat to online ecosystems, so the analysis and detection of botnets has become a major research topic in recent years. Botnets now rely on anonymous networks to hide their existence. Anonymous communication implies that no one will be able to retrieve the identity of the users in the network. The Tor browser is the most widely used anonymous network among botnets. Tor aims to eliminate the mapping between users and services or servers by hiding the user's IP address, thereby blocking user identification and communication tracking. The Tor browser provides anonymity to all of its users. Because botnets now use Tor anonymity to hide themselves, they are difficult to detect. Proxy servers are also used to hide the identity of users. Browsing through a proxy server changes the user's IP address, which makes backtracking difficult, and detection becomes extremely difficult if a chain of proxies is used. This paper aims to identify several ways to reveal the identities of bots and their bot-master that are using Tor or any other anonymous network.
Similar resources
BotOnus: an online unsupervised method for Botnet detection
Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...
HF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creating a network of bots, they launch several attacks; distributed denial of service (DDoS) attacks on networks are one example of such attacks. Such attacks, by occupying system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle
Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches are presented to detect botnets; however most of them may be ineffective when there are only a few infected hosts in monitored network, as they rely on similarity in...
Classification of encrypted traffic for applications based on statistical features
Traffic classification plays an important role in many aspects of network management such as identifying type of the transferred data, detection of malware applications, applying policies to restrict network accesses and so on. Basic methods in this field were using some obvious traffic features like port number and protocol type to classify the traffic type. However, recent changes in applicat...
Revealing the Criterion on Botnet Detection Technique
Botnets have already made a big impact that needs much attention as one of the most emergent threats to Internet security. Even worse, peer-to-peer (P2P) botnets take the inspiration and underlying P2P technology to exchange files, making botnets much harder to detect and shut down. This makes botnets the biggest threat to Internet stability and security. Hence, Botnet detection and p...