Attack Mechanism using botnets

Slides:

Advertisements

Similar presentations

MOSQUITO BREEDING ATTACK: Spread of bots using Peer To Peer INSTRUCTOR: Dr.Cliff Zou PRESENTED BY : BHARAT SOUNDARARAJAN & AMIT SHRIVATSAVA.

Advertisements

A Hierarchical Hybrid Structure for Botnet Control and Command A Hierarchical Hybrid Structure for Botnet Control and Command Zhiqi Zhang, Baochen Lu,

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

Slides to add  Botnet slides  Security regulations  Do we have similar laws for transportation?  Terrorism (look for some examples if possible)  Company.

Urban Sensing Jonathan Yang UCLA CS194 Fall 2007 Jonathan Yang UCLA CS194 Fall 2007.

Botnets Abhishek Debchoudhury Jason Holmes. What is a botnet? A network of computers running software that runs autonomously. In a security context we.

Threat infrastructure: proxies, botnets, fast-flux

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

Peer-to-peer Multimedia Streaming and Caching Service by Won J. Jeon and Klara Nahrstedt University of Illinois at Urbana-Champaign, Urbana, USA.

A Modernize Version of the Antique Telephone Architecture Christopher Francis & Bertha Wilhelm.

Borrowed from Brent ByungHoon Kang, GMU. A Network of Compromised Computers on the Internet IP locations of the Waledac botnet. Borrowed from Brent ByungHoon.

2009/9/151 Rishi : Identify Bot Contaminated Hosts By IRC Nickname Evaluation Reporter : Fong-Ruei, Li Machine Learning and Bioinformatics Lab In Proceedings.

Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology USENIX Security '08 Presented by Lei Wu.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

An Evaluation model of botnet based on peer to peer Gao Jian KangFeng ZHENG,YiXian Yang,XinXin Niu 2012 Fourth International Conference on Computational.

P EER - TO -P EER N ETWORKS Michael Fine 1. W HAT ARE P EER -T O -P EER N ETWORKS ? Napster Social networking spawned from this concept. Emerged in the.

 Collection of connected programs communicating with similar programs to perform tasks  Legal  IRC bots to moderate/administer channels  Origin of.

BotNet Detection Techniques By Shreyas Sali

 Introduction  VoIP  P2P Systems  Skype  SIP  Skype - SIP Similarities and Differences  Conclusion.

A Framework for Hybrid Structure P2P Botnet Speakers:MA2G0207 bo rong,sue Source:IEEE.

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu, Roberto Perdisci, Junjie Zhang, and.

Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.

2012 4th International Conference on Cyber Conflict C. Czosseck, R. Ottis, K. Ziolkowski (Eds.) 2012 © NATO CCD COE Publications, Tallinn 朱祐呈.

All the components of network are connected to the central device called “hub” which may be a hub, a router or a switch. There is no direct traffic between.

A Multifaceted Approach to Understanding the Botnet Phenomenon Authors : Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis Computer Science.

1 An Advanced Hybrid Peer-to-Peer Botnet Ping Wang, Sherri Sparks, Cliff C. Zou School of Electrical Engineering & Computer Science University of Central.

Appear in IEEE TDSC 2008 Presented by Wei-Cheng Xiao.

Nullcon Goa 2010http://nullcon.net Botnet Mitigation, Monitoring and Management - Harshad Patil.

BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.

PSI Peer Search Infrastructure. Introduction What are P2P Networks? The term "peer-to-peer" refers to a class of systems and applications that employ.

1 MSc Project Yin Chen Supervised by Dr Stuart Anderson 2003 Grid Services Monitor Long Term Monitoring of Grid Services Using Peer-to-Peer Techniques.

Peer Pressure: Distributed Recovery in Gnutella Pedram Keyani Brian Larson Muthukumar Senthil Computer Science Department Stanford University.

1 Peer-to-Peer Technologies Seminar by: Kunal Goswami (05IT6006) School of Information Technology Guided by: Prof. C.R.Mandal, School of Information Technology.

Understanding the network level behavior of spammers Published by :Anirudh Ramachandran, Nick Feamster Published in :ACMSIGCOMM 2006 Presented by: Bharat.

Computer Networking P2P. Why P2P? Scaling: system scales with number of clients, by definition Eliminate centralization: Eliminate single point.

Botnets Usman Jafarey Including slides from The Zombie Roundup by Cooke, Jahanian, McPherson of the University of Michigan.

A Multifaceted Approach to Understanding the Botnet Phenomenon Aurthors: Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis Publication: Internet.

1 Modeling and Measuring Botnets David Dagon, Wenke Lee Georgia Institute of Technology Cliff C. Zou Univ. of Central Florida Funded by NSF CyberTrust.

Speaker: Hom-Jay Hom Date:2009/10/20 Botnet Research Survey Zhaosheng Zhu. et al July 28-August

Zhiyu Wan and Shunxing Bao BOTNET ATTACKS ON CYBER-PHYSICAL SYSTEM.

Botnets Borrowed from Brent ByungHoon Kang, GMU. A Network of Compromised Computers on the Internet IP locations of the Waledac botnet. Borrowed from.

Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna Proceedings.

Published: USENIX HotBots, 2007 Presented: Wei-Cheng Xiao 2016/10/11.

The Network Aware IoT Service at Edge Guoxi Wang.

P2P Digital TV Recorder Supervisor: Professor Michael R. Lyu

A lustrum of malware network communication: Evolution & insights

Speaker : YUN–KUAN,CHANG Date : 2009/11/17

Future Internet Presenter : Eung Jun Cho

Botnet Detection & Countermeasures

Troubleshooting Network Communications

Multilevel Marketing Tree Viewer

CHAPTER 3 Architectures for Distributed Systems

BotCatch: A Behavior and Signature Correlated Bot Detection Approach

Client-Server Interaction

Peer-to-Peer Internet Networks

Comparison of LAN, MAN, WAN

CloudBot: Advanced mobile botnets using ubiquitous cloud technologies

An Introduction to Computer Networking

Modeling and Measuring Botnets

Blockchain Technology and IoT Security Andy Wang March 21, 2018

Acknowledgement This lecture uses some contents from the lecture notes from: Dr. Dawn Song: CS161: computer security Richard Wang – SophosLabs: The Development.

DATA RETRIEVAL IN ADHOC NETWORKS

Distributed computing deals with hardware

Packet Switched Networks (Chapter 11.1) by Beverley Louis

Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee

Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources Usually,

Acknowledgement This lecture uses some contents from the lecture notes from: Dr. Dawn Song: CS161: computer security Richard Wang – SophosLabs: The Development.

Botnet Detection by Monitoring Group Activities in DNS Traffic

Measurement and Analysis of Hajime: a Peer-to-peer IoT Botnet

An overview over Botnets

Presentation transcript:

Attack Mechanism using botnets Presented by : Bharat Soundararajan Amit Shrivastava

BACKGROUND OF BOTNETS Different types of botnet communication Centralized communication: Group of bots connected to C&C center Decentralized communication( P2P):Each Bot is connected to its peer list

Centralized Botnet bot C&C botmaster

Decentralized Botnet Servent bots Client bots Hybrid P2P

WEAKNESSES OF CENTRALIZED AND DECENTRALIZED SYSTEMS A weakness of traditional centralized botnet C&C is the single point of failure: an entire botnet can be dismantled by bringing down a single node (the C&C server) Decentralized: Even though defenders may not be able to capture a botnet sensor before its botmaster destroying the sensor (after completing botmaster's monitoring task), they still could use the captured traffic log to figure out the IP addresses of potential bots who contacted the sensor in the past

Future Enhancements Analysis of all the bot infection Study of all the topologies to create a new architecture Two way attack: First approach: Hiding the bots IP address Second approach: Changing the IP address of bots Third approach: Starting infection using centralized and converting it into peer to peer.

Any Suggestions?