CloudBot: Advanced mobile botnets using ubiquitous cloud technologies

Presentation transcript:

CloudBot: Advanced mobile botnets using ubiquitous cloud technologies
Source: Pervasive and Mobile Computing, vol. 41, pp. 270-285, October 2017
Author: Wei Chen, Xiapu Luo, Chengyu Yin, Bin Xiao, Man Ho Au, Yajuan Tang
Speaker: Chit-jie Chew
Date: 3/15/2018

Outline: Introduction, Related works, Proposed scheme, Experimental results, Conclusions

Introduction(1/2)

Introduction(2/3)

Introduction(3/3)- Goals and challenges
[Diagram labels: Botmaster, Bot, Download Channel, Cloud-based Push Service, Upload Channel, Cloud-based Storage Service]

Related works(1/2)-Architecture of botnet
[Diagram labels: Botmaster, Command, Bots, Network, Attack, Victim, Steal data, Spam, DDoS]

Related works(2/2)-Communication Channels
SMS, Bluetooth, HTTP

Proposed scheme(1/8)- Basic structure
[Diagram. Entities: Botmaster, C&C server, Push notification service, Bot]
Numbered steps:
(1) Identity information
(2) Registration ID
(3) Registration ID
Lettered steps:
(a) Command
(b) Command + Registration ID + API keys
(c) Push command to bot
Other labels: Sender ID; Contactinfo, GPSinfo, Pic-upload, Applist, …

Proposed scheme(2/8)- Flat structure
[Diagram. Entities: Botmaster, C&C server, Group 1, Group 2]
(1) Command + Target bot list
(2.a) Command + Registration ID list + API keys from GCM
(2.b) Command + Registration ID list + API keys from Parse
(3a) Push Command to bots
(3b) Push Command to bots

Proposed scheme(3/8)- Hybrid structure
[Diagram. Entities: Botmaster, C&C server, Group 1, Group 2, ···, Group n]
(1) Command + Target bot list
(2) Command + Registration ID list + API keys from GCM
(3) Push command to servant bots
(4) Relay command to bots in group
(5) Push command to bots

Proposed scheme(4/8)- Hierarchy structure
[Diagram labels: C&C server, Push service, Servant bot, Client bot]

Proposed scheme(5/8)- P2P structure
[Diagram labels: C&C server, Servant bot, Client bot, Push service]

Proposed scheme(6/8)- Bots return data to botmaster via cloud storage

Proposed scheme(7/8)- Selection
Push server selection: Round-robin scheduling, Weight round-robin scheduling
[Figure node labels: 1(10), 2(10), 3(10), 4(10), 5(10), 6(10), 7(10), 8(10)]

Proposed scheme(8/8)- Selection
Push server selection: Round-robin scheduling, Weight round-robin scheduling
Servant bots selection: LEACH (Low-energy adaptive clustering hierarchy)
[Figure node labels: 1(4), 2(5), 3(10), 4(15), 5(16), 6(6), 7(12), 8(12)]

Experimental results(1/6)- Robustness mathematical analysis
(a) Blocked probability with different accounts number
(b) Disclosed probability when bots are captured

Experimental results(2/6)- Botnet traffic disperse among different push servers

Experimental results(3/6)- Command delay for mono-push-server botnet

Experimental results(4/6)- Command delay for CloudBot download channel

Experimental results(5/6)- Command delay for CloudBot upload channel

Experimental results(6/6)- Attack demonstration
(a) Attack demonstration
(b) Applications list

Conclusions: Robustness, Controllability, Scalability, Concealment

Thanks for listening