MOSQUITO BREEDING ATTACK: Spread of bots using Peer To Peer INSTRUCTOR: Dr.Cliff Zou PRESENTED BY : BHARAT SOUNDARARAJAN & AMIT SHRIVATSAVA.

Slides:



Advertisements
Similar presentations
A Survey of Botnet Size Measurement PRESENTED: KAI-HSIANG YANG ( 楊凱翔 ) DATE: 2013/11/04 1/24.
Advertisements

Your Botnet is My Botnet: Analysis of a Botnet Takeover
The Most Analytical and Comprehensive Defense Network in a Box.
A Hierarchical Hybrid Structure for Botnet Control and Command A Hierarchical Hybrid Structure for Botnet Control and Command Zhiqi Zhang, Baochen Lu,
 What is a botnet?  How are botnets created?  How are they controlled?  How are bots acquired?  What type of attacks are they responsible for? 
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
1 Understanding Botnet Phenomenon MITP Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.
Slides to add  Botnet slides  Security regulations  Do we have similar laws for transportation?  Terrorism (look for some examples if possible)  Company.
Bots and Botnets CS-431 Dick Steflik. DDoS ● One of the most common ways to mount a Distributed Denial of Service attacks is done via networks of zombie.
Detecting Botnets Using Hidden Markov Models on Network Traces Wade Gobel Bio-Grid, Summer 2008.
Botnets Abhishek Debchoudhury Jason Holmes. What is a botnet? A network of computers running software that runs autonomously. In a security context we.
Threat infrastructure: proxies, botnets, fast-flux
How to Own the Internet in your spare time Ashish Gupta Network Security April 2004.
BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.
Botnets Uses, Prevention, and Examples. Background Robot Network Programs communicating over a network to complete a task Adapted new meaning in the security.
PROJECT IN COMPUTER SECURITY MONITORING BOTNETS FROM WITHIN FINAL PRESENTATION – SPRING 2012 Students: Shir Degani, Yuval Degani Supervisor: Amichai Shulman.
1 Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling - Proceedings.
Botnets An Introduction Into the World of Botnets Tyler Hudak
Introduction to Honeypot, Botnet, and Security Measurement
Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.
B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel
Article presentation for: The Dark Cloud: Understanding and Defending against Botnets and Stealthy Malware Based on article by: Jaideep Chandrashekar,
 Collection of connected programs communicating with similar programs to perform tasks  Legal  IRC bots to moderate/administer channels  Origin of.
BotNet Detection Techniques By Shreyas Sali
A Framework for Hybrid Structure P2P Botnet Speakers:MA2G0207 bo rong,sue Source:IEEE.
Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu, Roberto Perdisci, Junjie Zhang, and.
Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.
Honeypot and Intrusion Detection System
Jeong, Hyun-Cheol. 2 Contents DDoS Attacks in Korea 1 1 Countermeasures against DDoS Attacks in Korea Countermeasures against DDoS Attacks in.
A N I NSIDE L OOK AT B OTNETS ARO-DHS S PECIAL W ORKSHOP ON M ALWARE D ETECTION, 2005 Written By: Paul Barford and Vinod Yegneswaran University of Wisconsin,
Topics to be covered 1. What are bots,botnet ? 2.How does it work? 4.Prevention of botnet. 3.Types of botnets.
2012 4th International Conference on Cyber Conflict C. Czosseck, R. Ottis, K. Ziolkowski (Eds.) 2012 © NATO CCD COE Publications, Tallinn 朱祐呈.
1 An Advanced Hybrid Peer-to-Peer Botnet Ping Wang, Sherri Sparks, Cliff C. Zou School of Electrical Engineering & Computer Science University of Central.
Appear in IEEE TDSC 2008 Presented by Wei-Cheng Xiao.
Nullcon Goa 2010http://nullcon.net Botnet Mitigation, Monitoring and Management - Harshad Patil.
BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.
Modeling Worms: Two papers at Infocom 2003 Worms Programs that self propagate across the internet by exploiting the security flaws in widely used services.
PSI Peer Search Infrastructure. Introduction What are P2P Networks? The term "peer-to-peer" refers to a class of systems and applications that employ.
Johannes Hassmund (2009), Project Report for Information Security Course, Linkoping University, Sweden. Speaker : Hung-Jen Chiang Studying IDS signatures.
AN INSIDE LOOK AT BOTNETS Barford, Paul and Yegneswaran Advances in Information Security, Springer, 2006 Kishore Padma Raju.
Omar Hemmali CAP 6135 Paul Barford Vinod Yegneswaran Computer Sciences Department University of Wisconsen, Madison.
Understanding the network level behavior of spammers Published by :Anirudh Ramachandran, Nick Feamster Published in :ACMSIGCOMM 2006 Presented by: Bharat.
DETECTING TARGETED ATTACKS USING SHADOW HONEYPOTS AUTHORS: K. G. Anagnostakisy, S. Sidiroglouz, P. Akritidis, K. Xinidis, E. Markatos, A. D. Keromytisz.
Malicious Software.
A Case Study on Computer Worms Balaji Badam. Computer worms A self-propagating program on a network Types of Worms  Target Discovery  Carrier  Activation.
Data Communications and Networks Chapter 9 – Distributed Systems ICT-BVF8.1- Data Communications and Network Trainer: Dr. Abbes Sebihi.
Know your Enemy: Tracking Botnets The Honeynet Project & Research Alliance Presented by: Jonathan Dowdle.
A Multifaceted Approach to Understanding the Botnet Phenomenon Aurthors: Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis Publication: Internet.
Speaker:Chiang Hong-Ren An Investigation and Implementation of Botnet Detection Schemes.
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Presented by D Callahan.
Types of Malware © 2014 Project Lead The Way, Inc.Computer Science and Software Engineering.
1 Modeling and Measuring Botnets David Dagon, Wenke Lee Georgia Institute of Technology Cliff C. Zou Univ. of Central Florida Funded by NSF CyberTrust.
Speaker: Hom-Jay Hom Date:2009/10/20 Botnet Research Survey Zhaosheng Zhu. et al July 28-August
2009/6/221 BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure- Independent Botnet Detection Reporter : Fong-Ruei, Li Machine.
Zhiyu Wan and Shunxing Bao BOTNET ATTACKS ON CYBER-PHYSICAL SYSTEM.
Botnets Borrowed from Brent ByungHoon Kang, GMU. A Network of Compromised Computers on the Internet IP locations of the Waledac botnet. Borrowed from.
Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna Proceedings.
1 Botnets Group 28: Sean Caulfield and Fredrick Young ECE 4112 Internetwork Security Prof. Henry Owen.
Published: USENIX HotBots, 2007 Presented: Wei-Cheng Xiao 2016/10/11.
Speaker : YUN–KUAN,CHANG Date : 2009/11/17
Future Internet Presenter : Eung Jun Cho
BotCatch: A Behavior and Signature Correlated Bot Detection Approach
Internet Worm propagation
Modeling and Measuring Botnets
Attack Mechanism using botnets
Acknowledgement This lecture uses some contents from the lecture notes from: Dr. Dawn Song: CS161: computer security Richard Wang – SophosLabs: The Development.
Distributed computing deals with hardware
Acknowledgement This lecture uses some contents from the lecture notes from: Dr. Dawn Song: CS161: computer security Richard Wang – SophosLabs: The Development.
Presentation transcript:

MOSQUITO BREEDING ATTACK: Spread of bots using Peer To Peer INSTRUCTOR: Dr.Cliff Zou PRESENTED BY : BHARAT SOUNDARARAJAN & AMIT SHRIVATSAVA

INTRODUCTION Major threat to the security of internet Botnet is a collection of compromised computer under a control of single identity known as the bot controller Botnet uses vulnerability like other malwares to infect other machines in the network Different types of bots: Agobot, Sdbot, Spybot, GTbot

HOW BOTNETS WORK A botnet operator sends worm continuously infecting ordinary users The bot on the infected PC logs into a web server called Command & Control server(C&C) The botnet operator send instructions via server to the infected PC’s Used as a platform for DDOS and Spam attacks

Different types of Bot communication  Centralized Communication Group of bots connected to C&C server Weaknesses:  They can be easier because many clients connect the same point  Discovery of the central location can compromise the whole system

Centralized Botnet 5 bot C&C botmaster bot C&C

Hybrid P2P Botnet Decentralized communication: Each bots connected to its peer list Only servent bots are in the peer list Weaknesses: Even though defenders may not be able to capture a botnet sensor before its botmaster destroying the sensor (after completing botmaster's monitoring task), they still could use the captured traffic log to figure out the IP addresses of potential bots who contacted the sensor in the past

Servent bots Client bots Hybrid P2P Botnet Hybrid P2P

Mosquito Breeding Attack New attack using both Peer2Peer architecture and centralized architecture A centralized bots will generate many P2P bots inside the internet These P2P bots will start a separate network and get new peers for its new network

C&C BOTS Mosquito Breeding Attack

C&C BOTS Mosquito Breeding Attack

SIMULATION Platform: Windows/Linux Tools: Eclipse Source Code: Java/Applet File: Random.java

Algorithm Step1: Simulate Arbitrary Servers/Attackers Step2: Simulate Random Number Of clients(bots) Step3: Generate Botnet attacks from the attackers to the client Step4: The server loads the code into any randomly chosen client Step5: The client inturn becomes the server Step6: New bot continues breeding the code among the new clients

DEMO FOR THE SIMULATION

Bot Conversion Model Bots gets converted from client to server is identified Time taken for each bot to change from client to server is calculated A graph is drawn using bots in the X-axis and time taken for conversion in the Y-axis

Botnet Conversion Study Number of Bots converted from clients to servers Conversion time in seconds

ADVANTAGES To overcome the problem of C&C center in botnet Capturing of one C&C doesn’t affect the architecture It works independently More robust and more probing

CONCLUSION This shows how bots may work in the future We have shown by simulation how attack propagate We have also shown the conversion time of bots into c&c server

THANK YOU

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.