Poster: Mongoose, A Novel Lightweight Cross-Platform Botnet Over TOR
Authors
Abstract
“Botnets” consist of a network of compromised machines controlled by an attacker (“botmaster”). Traditionally, botnets have been integrated with computers, and have been the primary cause of many malicious Internet attacks. However, emerging technologies such as tablets, cellphones, and other mobile devices have presented new challenges in simulating what a modern botnet could look like, and how effectively it can be executed with the limited resources provided by such technologies. With this poster presentation, we present a lightweight cross-platform (mobile, tablet, and computer) botnet that takes advantage of the TOR network. Compared to most traditional botnets, the proposed botnet allows the bots to phase in and out of networks due to their mobile nature, encrypts communications between bot and master, and uses user agents to hide control traffic dispersion over the TOR network, with emphasis on a minimal deployment time and resource usage.
Similar resources
Challenges in Protecting Tor Hidden Services from Botnet Abuse
In August 2013, the Tor network experienced a sudden, drastic reduction in performance due to the Mevade/Sefnit botnet. This botnet ran its command and control server as a Tor hidden service, so that all infected nodes contacted the command and control through Tor. In this paper, we consider several protocol changes to protect Tor against future incidents of this nature, describing the research...
A Scalable Architecture for Persistent Botnet Tracking
The botnet phenomenon has recently garnered attention throughout both academia and industry. Unfortunately, botnets are still a mystery. In fact, today, very little is known about even the most basic botnet properties, such as size, growth, or demographics. The primary reason for this lack of knowledge is the fact that the existing approaches for measuring such properties are simply inadequate;...
Botnets Drilling Away Privacy Infrastructure
Over the last two decades, advances in privacy-enhancing technologies, including cryptographic mechanisms, standardized security protocols, and infrastructure, significantly improved the privacy of users. Cryptographic primitives are now commonly used in the development of applications, where protocols such as TLS/SSL are widely used to secure web access, VPN tunnels, and wireless networks (e.g...
Protecting Tor from botnet abuse in the long term
Starting on August 20, 2013 the Tor network has seen a rapid spike in the number of directly connecting users. This spike is apparently due to the large “mevade” click-fraud botnet running its command and control (C&C) as a Tor Hidden Service. Figure 1 shows that estimated daily clients increased from under 1 million to nearly 6 million in three weeks. Figure 2a shows the effects on performance...
BotOnus: an online unsupervised method for Botnet detection
Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...