MODELING BOTNET IN PEER TO PEER SYSTEMS. PRESENTED BY J.P.BhagathSingh, B.E, M.TECH (N/W), VIT UNIVERSITY, VELLORE. GUIDED BY Prof.ChandraMouliswaran.S
INTRODUCTION: In the last several years, Internet malware attacks have evolved into better-organized and more profit-centered endeavors. E-mail spam, extortion through denial-of-service attacks, and click fraud represent a few examples of this emerging trend. “Botnets” are a root cause of these problems. A “botnet” consists of a network of compromised computers (“bots”) connected to the Internet that is controlled by a remote attacker (“botmaster”).
Botnet: A botnet is a large number of compromised computers that are used to create and send spam or viruses, or to flood a network with messages as a denial-of-service attack. The term is derived from the idea of bot networks. In its most basic form, a bot is simply an automated computer program, or robot. Here, bots are computers that can be controlled by one or many outside sources. An attacker usually gains control by infecting the computers with a virus or other malicious code that gives the attacker access.
Existing system: Most botnets that have appeared until now have had a common centralized architecture. That is, bots in the botnet connect directly to some special hosts (called “command-and-control” servers, or “C&C” servers). These C&C servers receive commands from their botmaster and forward them. From a botmaster’s perspective, the C&C (Command & Control) servers are the fundamental weak points in current botnet architectures, because the botmaster will lose control of the botnet once the limited number of C&C servers are shut down by defenders. In addition, an entire botnet may be exposed once a C&C server in the botnet is hijacked or captured by defenders.
Proposed Architecture:
The main aim of the proposed system is to design an advanced hybrid peer-to-peer botnet. Its goals are: a robust botnet capable of maintaining control of its remaining bots even after a substantial portion of the botnet population has been removed by defenders; easy monitoring, so that the botmaster can obtain complete information about the botnet (a botmaster could monitor the entire botnet by issuing a report command); and preventing defenders, or making it harder for them, from detecting bots via their communication traffic patterns.
Bot Master Node: This is the server node, or attacker node. This node can send instructions to any other node. A bot master can monitor the other nodes and maintains the details about each bot. A botmaster issues a special command, called a report command, to the botnet. It instructs every bot to send its information to a specified machine that is compromised and controlled by the botmaster.
[Diagram: Bot Master. Labels: Select Sensor Host; Command Initiation; Receive Command; Connection with Sensor Host; Send Acknowledgement; Send Command]
ServentBot: The servent group contains bots that have static, non-private IP addresses and are accessible from the global Internet. Bots in this first group are called servent bots since they behave as both clients and servers. Only servent bots are candidates in peer lists.
Client Bot: The client group contains the remaining bots, including bots with dynamically allocated IP addresses and bots with private IP addresses that are connected to the global Internet. This group of bots is called client bots since they will not accept incoming connections.
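For defenders sizing a takedown, the robustness claim above can be checked on an abstract graph model. The following is an added example, not part of the original slides: it compares how much of a centralized network and of a servent/client overlay stays connected as defenders remove C&C servers or servent nodes. All sizes (300 bots, 3 servers, 100 servent nodes, 200 client nodes, peer lists of 5) and all function names are assumptions chosen for illustration.

```python
"""Takedown-resilience model: centralized C&C vs. hybrid P2P overlay.
Abstract graph simulation only; every size below is an assumed value."""
import random
from collections import deque


def _link(adj, a, b):
    adj[a].add(b)
    adj[b].add(a)


def build_centralized(n_bots, n_servers):
    """Every bot connects directly to each of a few C&C servers."""
    servers = [f"cc{i}" for i in range(n_servers)]
    bots = [f"bot{i}" for i in range(n_bots)]
    adj = {node: set() for node in servers + bots}
    for bot in bots:
        for server in servers:
            _link(adj, bot, server)
    return adj, servers


def build_hybrid(n_servent, n_client, peer_list_size, rng):
    """Each node holds a peer list drawn only from servent nodes."""
    servents = [f"servent{i}" for i in range(n_servent)]
    clients = [f"client{i}" for i in range(n_client)]
    adj = {node: set() for node in servents + clients}
    for node in servents + clients:
        candidates = [s for s in servents if s != node]
        for peer in rng.sample(candidates, peer_list_size):
            _link(adj, node, peer)
    return adj, servents


def largest_component_fraction(adj, removed):
    """Share of surviving nodes that sit in the largest connected component."""
    alive = set(adj) - set(removed)
    if not alive:
        return 0.0
    seen, best = set(), 0
    for start in alive:
        if start in seen:
            continue
        seen.add(start)
        queue, size = deque([start]), 0
        while queue:  # breadth-first search over surviving nodes only
            node = queue.popleft()
            size += 1
            for nxt in adj[node]:
                if nxt in alive and nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
        best = max(best, size)
    return best / len(alive)


def takedown_curve(adj, targets, fractions, rng):
    """Remove a growing random share of `targets`; report what stays connected."""
    order = list(targets)
    rng.shuffle(order)
    curve = {}
    for fraction in fractions:
        removed = order[: int(round(fraction * len(order)))]
        curve[fraction] = largest_component_fraction(adj, removed)
    return curve


def compare(seed=7):
    """Run both models with the assumed sizes and return their curves."""
    rng = random.Random(seed)
    fractions = (0.0, 0.3, 0.6, 1.0)
    central, servers = build_centralized(n_bots=300, n_servers=3)
    hybrid, servents = build_hybrid(100, 200, 5, rng)
    return {
        "centralized": takedown_curve(central, servers, fractions, rng),
        "hybrid": takedown_curve(hybrid, servents, fractions, rng),
    }


if __name__ == "__main__":
    for name, curve in compare().items():
        for fraction, share in curve.items():
            print(f"{name:12s} targets removed={fraction:.0%} "
                  f"largest component={share:.1%}")
```

In this model the centralized network collapses once its three servers are gone, while the overlay only collapses when every servent node is removed, because client nodes link to nothing else.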
Monitoring by Botmaster: Another major challenge in botnet design is making sure that a botnet is difficult for defenders to monitor but, at the same time, easily monitored by its botmaster. With this information a botmaster could conduct attacks more effectively according to the bot population, distribution, on/off status, IP address types, etc., and keep tighter control over the botnet when facing various counterattacks from defenders. In this section, we present a simple but effective way for botmasters to monitor their botnets whenever they want.
[Data flow diagram. Labels: Bot Master; Command Preparation; Command Receive from the Bot; Send Command; Receive Command; Sensor Selection; Servent Bot; Bot; Bot; Bot; Monitoring without Honeypot; Monitoring with Honeypot]
Botnet Monitoring: In this module we concentrate on how defenders might defend against such an advanced botnet. We use two approaches to monitor the botnet: botnet monitoring with a honeypot, and botnet monitoring without a honeypot.
Botnet monitoring with Honeypot: In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network and seems to contain information or a resource of value to attackers. It will block the attack from the botmaster.
[Honeypot block diagram. Labels: Honeypot; Servent Bot; Client Bot]
Botnet monitoring without Honeypot: In this mode the honeypot is not used, so the attack cannot be blocked. The botnet monitor scans the whole system and can identify the temp file created by the attacker. We can identify the source from the temp file and be aware of the next attack.
BOTMASTER
Selecting client side IP
Monitoring with Honeypot
Monitoring without honeypot
Conclusion: To be well prepared for future botnet attacks, we should study advanced botnet attack techniques that could be developed by botmasters in the near future. In this project, we present the design of an advanced hybrid P2P botnet. Compared with current botnets, the proposed one is harder to be monitored, and much harder to be shut down. To defend against such an advanced botnet, we point out that honeypots may play an important role. We should, therefore, invest more research into determining how to deploy honeypots efficiently and avoid their exposure to botnets and botmasters.