Botnets Uses, Prevention, and Examples

Presentation transcript:

Botnets Uses, Prevention, and Examples

Background
Robot Network
Programs communicating over a network to complete a task
Took on a new meaning in the security world
Network of compromised machines that can be remotely controlled

Theoretical Structure
Malware with control

Not Zombies, Servants

Spatial Distribution
Result of an unethical Internet Census that infected over 420,000 machines

Uses - for Fun and Profit of Course!
Numbers
Power
Information

Numbers
Typically rented
DDOS (10K – 120K ( Gbps) for $200 per day)
Spamming (SOCKS proxy)
Web traffic Control (unique IP)
o Page/Ad views
o Likes
o Poll Manipulation

Power
Cheap supercomputers (sold, rented, or kept for use)
Bitcoin/Dogecoin mining
o BadLepricon distributed by Google Play
o GPU ‘idle’ at 180° F
o Storm Botnet (1 mil – 50 mil machines), largest at the time

Information
May as well
Traffic sniffing, key loggers and other information theft
Self propagation
o Spreading over network
o Detection of other botnets' presence
o The enemy of my enemy is my competitor
o Happy Hacker, Zeu$ botnet master

For the Greater Good
What makes them bad can be used for good
o Hard to remove or disable
o Good at hiding/quiet monitoring
o Botnets with good intentions fighting botnets
Phalanx, DDOS protection
o Nodes of botnet used as protective mailboxes
o Pass on information when requested
o Computational puzzle to gain access
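The "computational puzzle to gain access" idea can be sketched as a hash-based client puzzle. This is an added example, not code from the presentation or from Phalanx; the key, function names and the 12-bit difficulty are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

SERVER_KEY = b"constructed-demo-key"  # constructed; a real node would use a random secret

def leading_zero_bits(digest):
    """Number of zero bits at the front of a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def _tag(client_id, nonce, bits):
    # Binds nonce, client and difficulty so the node keeps no per-request state.
    msg = nonce + client_id.encode() + bytes([bits])
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def _work(client_id, nonce, counter):
    return hashlib.sha256(nonce + client_id.encode() + counter.to_bytes(8, "big")).digest()

def issue_challenge(client_id, bits):
    """Node side: hand out a fresh nonce, the difficulty and an authenticating tag."""
    nonce = os.urandom(8)
    return nonce, bits, _tag(client_id, nonce, bits)

def solve(client_id, nonce, bits):
    """Client side: brute-force a counter, about 2**bits hashes on average."""
    counter = 0
    while leading_zero_bits(_work(client_id, nonce, counter)) < bits:
        counter += 1
    return counter

def verify(client_id, nonce, bits, tag, counter):
    """Node side: one HMAC and one hash, however hard the puzzle was."""
    if not hmac.compare_digest(tag, _tag(client_id, nonce, bits)):
        return False  # challenge was not issued by this node, or was altered
    return leading_zero_bits(_work(client_id, nonce, counter)) >= bits

if __name__ == "__main__":
    nonce, bits, tag = issue_challenge("client-a", 12)
    answer = solve("client-a", nonce, bits)
    print("accepted:", verify("client-a", nonce, bits, tag, answer))
```

The asymmetry is the point: each request costs the sender thousands of hashes and the protected node two. A deployment would also expire nonces so a solved puzzle cannot be replayed.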

Prevention
Defensive (users, owners)
Offensive (security agencies, research)

Defensive
Treat just like malware
Intrusion Detection System
Main targets of botnets don’t follow these
o Keeping updated
o Quality firewall, anti-virus
o Other general security measures
o Removal, maybe clean install

Offensive
Agencies know people think of security last
Research for IDS
o Development of “good” botnets
o Gun buying programs, better unused
o Tracking down botnet masters
o Examining bought/captured botnets
o Honeypots

Examples
o Agobot
o SDBot
o Global Threat Bot (Fig. 1)
Originally bots, now popular templates

Agobot - the multi-tool
500 known versions
Easy to use, little programming knowledge required
Simple to add commands / vulnerability scanners
Offers rootkit capabilities (process hiding)
If you want it there is a version that has it
Advanced form of traffic sniffing
o Packet sniffers / key loggers
o Self propagation
o DDOS commands
o Stripped down libpcap dll registered as system driver
o Utilizes libpcre dll to look out for bot commands

SDBot – the cheaper multi-tool
Written in very poor C but still widely used
Less sophisticated, smaller instruction set
Similar to Agobot in features
Copies self to all mapped drives and shared network resources
Can update itself which is cool
Bad form of traffic sniffing
o Process hiding
o Self replication
o Based on Windows raw socket listening, listens to own traffic

Global Threat Bot - DDOS tool
Distributed as a Trojan over Internet Relay Chat (IRC) networks
Runs in stealth mode with the name mIRC Client
Utilizes a number of mIRC bot scripts
Once installed joins IRC channel and waits for commands
Useful for launching DDOS attacks over IRC networks
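The "joins IRC channel and waits for commands" behaviour gives an IDS something to look for. The following triage heuristic is an added example, not part of the presentation; the record format, host addresses, channel names and the `min_received` threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (internal host, direction, raw IRC line) as a sensor might record it.
SAMPLE = [
    ("10.0.0.5", "out", "NICK alice"),
    ("10.0.0.5", "out", "USER alice 0 * :Alice"),
    ("10.0.0.5", "out", "JOIN #helpdesk"),
    ("10.0.0.5", "out", "PRIVMSG #helpdesk :anyone seen the VPN ticket?"),
    ("10.0.0.5", "in", ":bob!b@example.org PRIVMSG #helpdesk :yes, looking"),
    ("10.0.0.9", "out", "NICK xk4821"),
    ("10.0.0.9", "out", "USER xk4821 0 * :x"),
    ("10.0.0.9", "out", "JOIN #c7"),
    ("10.0.0.9", "in", "PING :irc.example.net"),
    ("10.0.0.9", "out", "PONG :irc.example.net"),
    ("10.0.0.9", "in", ":op!o@example.net PRIVMSG #c7 :<constructed channel message>"),
    ("10.0.0.9", "in", ":op!o@example.net PRIVMSG #c7 :<constructed channel message>"),
]

def irc_fields(line):
    """Split an IRC line into fields, dropping the optional ':prefix'."""
    parts = line.split()
    if parts and parts[0].startswith(":"):
        parts = parts[1:]
    return parts

def summarize(records):
    """Per host: channels joined, channel messages sent and received."""
    stats = defaultdict(lambda: {"joined": set(), "sent": 0, "received": 0})
    for host, direction, line in records:
        fields = irc_fields(line)
        if not fields:
            continue
        cmd = fields[0].upper()
        if direction == "out" and cmd == "JOIN" and len(fields) > 1:
            stats[host]["joined"].update(fields[1].split(","))
        elif cmd == "PRIVMSG":
            stats[host]["sent" if direction == "out" else "received"] += 1
    return stats

def silent_listeners(records, min_received=2):
    """Hosts that joined a channel, received messages and never spoke."""
    return sorted(host for host, s in summarize(records).items()
                  if s["joined"] and s["sent"] == 0 and s["received"] >= min_received)

if __name__ == "__main__":
    print(silent_listeners(SAMPLE))
```

A human who only reads a channel matches the same pattern, so the output is a list of hosts to inspect, not a verdict.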

Review
Botnets are malware with control (NO ZOMBIES)
Numbers, Power, Information and maybe good uses
Offensive and Defensive prevention
3 common examples

Links
How to Steal a Botnet – How to Make a Botnet
DDOS pricing
The good stuff is just a search away, but be wary

Q&A