Proactive Botnet Countermeasures – An Offensive Approach
Authors
Abstract
Botnets, consisting of thousands of interconnected, remote-controlled computers, pose a big threat against the Internet. We have witnessed the involvement of such malicious infrastructures in politically motivated attacks more than once in recent years. Classical countermeasures are mostly reactive and conducted as part of incident response actions. This is often not sufficient. We argue that proactive measures are necessary to mitigate the botnet threat and demonstrate techniques based on a formalized view of botnet infrastructures. However, while being technically feasible, such actions raise legal and ethical
Similar resources
Proactive Botnet Countermeasures – An Offensive Approach
Botnets, consisting of thousands of interconnected remote-controlled computers, pose a big threat against the Internet. We have witnessed the involvement of such malicious infrastructures in politically motivated attacks more than once in recent years. Classical countermeasures are mostly reactive and conducted as part of incident response actions. This is often not sufficient. We argue that pr...
The Rise of Social Botnets: Attacks and Countermeasures
Online social networks (OSNs) are increasingly threatened by social bots which are software-controlled OSN accounts that mimic human users with malicious intentions. A social botnet refers to a group of social bots under the control of a single botmaster, which collaborate to conduct malicious behavior while mimicking the interactions among normal OSN users to reduce their individual risk of be...
Can Cybersecurity Be Proactive? A Big Data Approach and Challenges
The cybersecurity community typically reacts to attacks after they occur. Being reactive is costly and can be fatal where attacks threaten lives, important data, or mission success. But can cybersecurity be done proactively? Our research capitalizes on the Germination Period—the time lag between hacker communities discussing software flaw types and flaws actually being exploited—where proactive...
Characterisation of the Kelihos.B Botnet
Botnets like Kelihos.B consist of infected computers that are used for malicious purposes. A large part of the Kelihos.B botnet was sinkholed and the bots in it send all their requests to controlled servers. All those requests are then stored in log files on the servers. These log files are used in this paper to find characteristics about this Kelihos.B botnet. Two types of analyses were conduc...
BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle
Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches are presented to detect botnets; however, most of them may be ineffective when there are only a few infected hosts in the monitored network, as they rely on similarity in...