Host and Application Security Lesson 17: Botnets.

Slides:



Advertisements
Similar presentations
Nick Feamster Research: Network security and operations Teaching CS 7260 in Spring 2007 CS 7001 Mini-projects: –
Advertisements

Thank you to IT Training at Indiana University Computer Malware.
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Identity Theft Jody Nadeau. Project Description What is Identity theft What is Identity theft Types of identity theft Types of identity theft Fraud Fraud.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
AVG 8.5 Product Line Welcome to a safe world …. | Page 2 Contents  Components Overview  Product Line Overview  AVG 8.0 Boxes.
Threats To A Computer Network
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
1 Understanding Botnet Phenomenon MITP Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.
Bots and Botnets CS-431 Dick Steflik. DDoS ● One of the most common ways to mount a Distributed Denial of Service attacks is done via networks of zombie.
Botnet Dection system. Introduction  Botnet problem  Challenges for botnet detection.
Detecting Botnets Using Hidden Markov Models on Network Traces Wade Gobel Bio-Grid, Summer 2008.
Botnets Abhishek Debchoudhury Jason Holmes. What is a botnet? A network of computers running software that runs autonomously. In a security context we.
Threat infrastructure: proxies, botnets, fast-flux
Borrowed from Brent ByungHoon Kang, GMU. A Network of Compromised Computers on the Internet IP locations of the Waledac botnet. Borrowed from Brent ByungHoon.
DIGITAL Download Sharing and Copying. Digital Download Process of downloading content or materials with the elimination of physical media. (dvd/cdrom)
Botnets Uses, Prevention, and Examples. Background Robot Network Programs communicating over a network to complete a task Adapted new meaning in the security.
How do worms work? Vivek Ramachandran Nagraj – An Indian comic book hero, who commands all the snakes of the world.
Botnets An Introduction Into the World of Botnets Tyler Hudak
Tyler’s Malware Jeopardy $100 VirusWormSpyware Trojan Horses Ransomware /Rootkits $200 $300 $400 $500 $400 $300 $200 $100 $500 $400 $300 $200 $100 $500.
Introduction to Honeypot, Botnet, and Security Measurement
MSIT 458 – The Chinchillas. Offense Overview Botnet taxonomies need to be updated constantly in order to remain “complete” and are only as good as their.
Outline  Infections  1) r57 shell  2) rogue software  What Can We Do?  1) Seccheck  2) Virus total  3) Sandbox  Prevention  1) Personal Software.
B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel
Article presentation for: The Dark Cloud: Understanding and Defending against Botnets and Stealthy Malware Based on article by: Jaideep Chandrashekar,
Safe Internet Use Mark Wheatley CSI Onsite
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu, Roberto Perdisci, Junjie Zhang, and.
Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.
COMP 2903 A27 – Why Spyware Poses Multiple Threats to Security Danny Silver JSOCS, Acadia University.
Lecture 14 Page 1 CS 236 Online Worms Programs that seek to move from system to system –Making use of various vulnerabilities Other performs other malicious.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 45 How Hackers can Cripple the Internet and Attack Your PC How Hackers can Cripple the.
Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.
Topics to be covered 1. What are bots,botnet ? 2.How does it work? 4.Prevention of botnet. 3.Types of botnets.
2012 4th International Conference on Cyber Conflict C. Czosseck, R. Ottis, K. Ziolkowski (Eds.) 2012 © NATO CCD COE Publications, Tallinn 朱祐呈.
Setting Up DreamWeaver NOTE: Use your mouse OR page down key to advance each page.
A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously.
A Multifaceted Approach to Understanding the Botnet Phenomenon Authors : Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis Computer Science.
Here is a list of viruses Adware- or advertising-supported software-, is any software package which automatically plays, displays, or downloads advertisements.
Nullcon Goa 2010http://nullcon.net Botnet Mitigation, Monitoring and Management - Harshad Patil.
BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.
Lecture 18 Page 1 Advanced Network Security Distributed Denial of Service Attacks Advanced Network Security Peter Reiher August, 2014.
Daniul Byrd. What are bots?  Software that automates tasks  Can network to share data and act in coordination.
Virus and anti virus. Intro too anti virus Microsoft Anti-Virus (MSAV) was an antivirus program introduced by Microsoft for its MS-DOS operating system.
Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.
Computer Systems Security Part I ET4085 Keamanan Jaringan Telekomunikasi Tutun Juhana School of Electrical Engineering and Informatics Institut Teknologi.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
4061 Session 26 (4/19). Today Network security Sockets: building a server.
Pacific Northwest Digital Government Summit Security – How Much is Enough? June 20, 2006 SA Kenneth A. Schmutz.
Big Bad Botnet Day! Xeno Kovah In association with the Corporation for Public Botcasting, and Viewers Like You! Xeno Kovah In association with the Corporation.
Measurements and Mitigation of Peer-to-peer Botnets: A Case Study on Storm Worm Thorsten Holz, Moritz Steiner, Frederic Dahl, Ernst Biersack, Felix Freiling.
Know your Enemy: Tracking Botnets The Honeynet Project & Research Alliance Presented by: Jonathan Dowdle.
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Presented by D Callahan.
Types of Malware © 2014 Project Lead The Way, Inc.Computer Science and Software Engineering.
Role Of Network IDS in Network Perimeter Defense.
Speaker: Hom-Jay Hom Date:2009/10/20 Botnet Research Survey Zhaosheng Zhu. et al July 28-August
Cybersecurity Test Review Introduction to Digital Technology.
Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna Proceedings.
1 Botnets Group 28: Sean Caulfield and Fredrick Young ECE 4112 Internetwork Security Prof. Henry Owen.
Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
Presented by : Matthew Sulkosky COSC 316 (Host Security) BOTNETS A.K.A ZOMBIE COMPUTING.
Botnets A collection of compromised machines
Unit 4 IT Security.
Botnets A collection of compromised machines
Identity Theft Jody Nadeau.
Malware CJ
Introduction to Internet Worm
Presentation transcript:

Host and Application Security Lesson 17: Botnets

Almost done with Malware  Now that you’re done with traditional malware, let’s look at an important class or two we’ve ignored: rootkits and botnets

Rootkit  Actually, a pretty loose definition  Can think of it as a piece of malware that is designed to allow an attacker privileged access to a computer Rootkits usually allow access via the network Rootkits usually are very stealthy, and provide ways an attacker can hide on the box

Botnet  Really, a form of rootkit, but the emphasis is on remote control

The Botnet Lifecycle RecruitmentManagementExploitation

Recruitment  Machines get recruited into botnets a large number of ways  Typically, web or based exploit  This installs the bot on the machine

Command and Control  This can be thought of as the “Achilles heel” of the botnet  A botnet needs remote control  Thus, if we can detect the network traffic, we can detect the botnet  However, the botherder makes a large effort to protect his (her) investment

Exploitation  Lots of uses: DDoS attacks Adware installation Spyware installation Spam Click fraud Spread to other machines ID theft …

C2 Techniques  Simple: IRC  Complicated: Domain flux Generate different candidate domain names every day Bots “check in” with new domains every day Not all domains need to be registered for this approach to work

C2 features  Can break down into: Topology: hub and spoke? P2P? Rallying Mechanism: How new bots locate and join the botnet. Communication Protocol: The underlying protocol used… Control Mechanism: How new commands are sent. Callback? Polling? Command Authentication Mechanism: How can we tell if a command is really from the botherder?

To Do  Download and read “Your botnet is my botnet: Analysis of a Botnet Takeover”  Questions about this could be on the final…

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.