Sravanthi Vattikuti Sri Harsha Devabhaktuni

Slides:

Advertisements

Similar presentations

Botnets ECE 4112 Lab 10 Group 19.

Advertisements

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.

ECrime Research Richard Clayton Luxembourg 11 th May 2010.

Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

 What is a botnet?  How are botnets created?  How are they controlled?  How are bots acquired?  What type of attacks are they responsible for? 

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

BOTNETS/Cyber Criminals  How do we stop Cyber Criminals.

1 Understanding Botnet Phenomenon MITP Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.

Security Awareness: Applying Practical Security in Your World

Detecting Botnets Using Hidden Markov Models on Network Traces Wade Gobel Bio-Grid, Summer 2008.

Botnets Usman Jafarey Including slides from The Zombie Roundup by Cooke, Jahanian, McPherson of the University of Michigan.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

Botnets Uses, Prevention, and Examples. Background Robot Network Programs communicating over a network to complete a task Adapted new meaning in the security.

Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks Jeong Min, Lee KISA.

China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

APA of Isfahan University of Technology In the name of God.

Botnets An Introduction Into the World of Botnets Tyler Hudak

Introduction to Honeypot, Botnet, and Security Measurement

Securing Information Systems

Outline  Infections  1) r57 shell  2) rogue software  What Can We Do?  1) Seccheck  2) Virus total  3) Sandbox  Prevention  1) Personal Software.

Attacks on Computer Systems

Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

Article presentation for: The Dark Cloud: Understanding and Defending against Botnets and Stealthy Malware Based on article by: Jaideep Chandrashekar,

 Collection of connected programs communicating with similar programs to perform tasks  Legal  IRC bots to moderate/administer channels  Origin of.

Distributed Honeynet System

BotNet Detection Techniques By Shreyas Sali

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu, Roberto Perdisci, Junjie Zhang, and.

Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.

Jeong, Hyun-Cheol. 2 Contents DDoS Attacks in Korea 1 1 Countermeasures against DDoS Attacks in Korea Countermeasures against DDoS Attacks in.

BotNets- Cyber Torrirism Battling the threats of internet Assoc. Prof. Dr. Sureswaran Ramadass National Advanced IPv6 Center - Director.

A N I NSIDE L OOK AT B OTNETS ARO-DHS S PECIAL W ORKSHOP ON M ALWARE D ETECTION, 2005 Written By: Paul Barford and Vinod Yegneswaran University of Wisconsin,

Topics to be covered 1. What are bots,botnet ? 2.How does it work? 4.Prevention of botnet. 3.Types of botnets.

Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.

A Multifaceted Approach to Understanding the Botnet Phenomenon Authors : Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis Computer Science.

Nullcon Goa 2010http://nullcon.net Botnet Mitigation, Monitoring and Management - Harshad Patil.

BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.

Daniul Byrd. What are bots?  Software that automates tasks  Can network to share data and act in coordination.

Johannes Hassmund (2009), Project Report for Information Security Course, Linkoping University, Sweden. Speaker : Hung-Jen Chiang Studying IDS signatures.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

1 Honeypot, Botnet, Security Measurement, Spam Cliff C. Zou CDA /01/07.

Speaker: Hom-Jay Hom Date:2009/11/17 Botnet, and the CyberCriminal Underground IEEE 2008 Hsin chun Chen Clinton J. Mielke II.

What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.

Omar Hemmali CAP 6135 Paul Barford Vinod Yegneswaran Computer Sciences Department University of Wisconsen, Madison.

Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.

Pacific Northwest Digital Government Summit Security – How Much is Enough? June 20, 2006 SA Kenneth A. Schmutz.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.

Big Bad Botnet Day! Xeno Kovah In association with the Corporation for Public Botcasting, and Viewers Like You! Xeno Kovah In association with the Corporation.

Advanced Anti-Virus Techniques

January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED.

Know your Enemy: Tracking Botnets The Honeynet Project & Research Alliance Presented by: Jonathan Dowdle.

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Presented by D Callahan.

Speaker: Hom-Jay Hom Date:2009/10/20 Botnet Research Survey Zhaosheng Zhu. et al July 28-August

Zhiyu Wan and Shunxing Bao BOTNET ATTACKS ON CYBER-PHYSICAL SYSTEM.

Incident Response Christian Seifert IMT st October 2007.

Botnets Borrowed from Brent ByungHoon Kang, GMU. A Network of Compromised Computers on the Internet IP locations of the Waledac botnet. Borrowed from.

Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna Proceedings.

1 Botnets Group 28: Sean Caulfield and Fredrick Young ECE 4112 Internetwork Security Prof. Henry Owen.

Security Log Visualization with a Correlation Engine: Chris Kubecka Security-evangelist.eu All are welcome in the House of Bytes English Language Presentation.

Instructor Materials Chapter 7 Network Security

Risk of the Internet At Home

Marcial Quinones-Cardona

An overview over Botnets

Presentation transcript:

Sravanthi Vattikuti Sri Harsha Devabhaktuni BOTNETS Sravanthi Vattikuti Sri Harsha Devabhaktuni

What will we cover? What are botnets? What are they used for? How do they work? Attacks Detection Prevention Methods Future Challenges

Botnets “A botnet is a large collection of well-connected compromised machines, that interact to take part in some distributed task.” Bots (Zombies) Botmaster (Bot herder) Command and Control Server (C&C)

What are they used for? Communication Resource Sharing Curiosity Fun Financial Gain

How do they work?

How do they work?

How do they work?

How do they work?

Botnet Attacks Distributed Denial of Service (DDoS) Disable network services by consuming bandwidths Information Leakage Retrieve sensitive information by Key logging Click Fraud Obtain Higher click through rate (CTR) Identity Fraud Phishing Mail

Distributed Denial of Service (DDoS)

Click Fraud

Detection Methods Honeypot and Honeynet Prevent Detect Response Monitor

Detection Methods IRC-based Detection Detection based on traffic analysis Detection based on anomaly activities

Detection Methods DNS Tracking Monitor anti-virus and firewall logs Distinguish botnet based on a similarity value Monitor anti-virus and firewall logs Use IDS to watch for: IRC/P2P/Botnet activity Attacks and DoS traffic coming FROM your network

You’ve detected it, now what? Begin incident response Treat it like a virus infection First priority is removal of malware If possible, determine how it got on This will help prevent further infections Prevent it from happening again Patch, user awareness, etc.

Botnet Prevention Countermeasures for Public Firewall Equipment Countermeasures for Home Users Use anti-virus Attention while downloading Back-up all systems Countermeasures for System Administrator Monitor logs regularly Use network packet sniffer Isolate the malicious subnet Scan individual machine

The Future of Botnets Attackers are going to get better More complicated botnets will appear In-Depth analysis at different levels Flash Botnets Hard to distinguish malicious packages from regular traffic.

References www.korelogic.com/Resources/Presentations/botnets_issa.pdf Nicholas Ianelli, Aaron Hackworth, Botnets as a Vehicle for Online Crime, Carnegie Mellon University 2005. Wikipedia, “Botnet,” http://en.wikipedia.org/wiki/Botnet R. Puri, “Bots and botnets: an overview,” Tech. Rep., SANS Institute, 2003. Google bots, botnets, botmaster

Questions?