Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.


Outline
- Introduction
- How botnets began
- Island hopping botnets
- Phishing with botnets
- Exploiting DNS
- Devilish uses for dynamic DNS
- Fighting online crime with databases
- Fixing DNS
- No silver bullet

Introduction
Years ago hackers were little more than script kiddies who busied themselves in their bedrooms writing malicious code. The criminal underground has found its way into online scams, creating a boom in cybercrime. Criminals have realised that they can make a lot of money with relatively little risk.

How botnets began
Botnets emerged in the late nineties, as ecommerce proliferated and the internet’s user base grew. Once compromised, these PCs become ‘bots’, ready to carry out the commands of the botnet controller, or botmaster. A typical use of botnets is running spamming campaigns.

Island hopping botnets
A recent ploy favoured by spam-issuing botmasters is island hopping. A botnet is often used to steal PINs, passwords and other sensitive information from home PC users, which is then fed back to the botmaster. Harvesting and controlling a huge number of PCs gives the botmaster enormous power. For example, he can launch distributed denial of service (DDoS) attacks for revenge or profit.

Phishing with botnets
Distributing the attack also has the advantage of ensuring that the attacker is untraceable. The boom in the theft of personal information has also given rise to botnet malware with phishing capabilities. Advanced malware triggers the bot to display a web page mimicking a legitimate site.

Exploiting DNS 1/2
Botnets themselves are as versatile as they are valuable. Being able to make a bot even more agile, so that it can exploit even more vulnerabilities, is an exciting prospect for the botmaster. By using dynamic DNS, websites can be hosted from an IP address that is constantly changing. This way, their website or domain is always available, regardless of the IP address it is using.

Exploiting DNS 2/2

Devilish uses for dynamic DNS
This service can be used for illegitimate purposes. Criminals can use it to keep phishing sites online for longer. Let’s imagine a fictional domain, 123.net, registered with the dynamic DNS service. The website at its IP address is a phishing site. When the phishing site is discovered, the botmaster simply logs into the dynamic DNS account and changes the IP address of the fake site to point to a new address hosting another phishing site.

Fighting online crime with databases
One way of combating phishing attacks is to build databases that contain lists of all known phishing websites. OpenDNS, a company that specializes in domain name resolution, is more astute. Rather than keeping the information to itself, OpenDNS has created a phishing database that can be accessed by anyone. Criminals circumvent phishing databases by using zombie PCs to operate as rogue DNS servers on compromised systems.

Fixing DNS 1/2
One solution is to make the DNS more secure with the Domain Name System Security Extensions (DNSSEC), which are intended to secure certain kinds of information provided by the Domain Name System. Many believe that deploying DNSSEC will help in securing the Internet as a whole, but there are challenges.

Fixing DNS 2/2
Years ago, many botnets could be disabled by isolating and shutting down the control server to which all the bots reported. Compromised PCs then had no central server to report to, or receive instructions from, and were essentially useless. Dynamic DNS solves this problem for botmasters, by continuously enabling the bots to report to a valid address.
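The re-pointing behaviour described under "Devilish uses for dynamic DNS" and "Fixing DNS 2/2" leaves a trace in resolver logs: one name, short TTLs, and answers that keep moving between unrelated networks. The following is an added example, not part of the original slides; the log format, the sample records and the thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed passive-DNS observations: timestamp, name, A record, TTL (seconds).
# 123.net is the slide's fictional domain; all addresses are documentation ranges.
SAMPLE_LOG = """\
2009-10-13T08:00:00 123.net 192.0.2.10 60
2009-10-13T09:10:00 123.net 198.51.100.7 60
2009-10-13T11:30:00 123.net 203.0.113.44 60
2009-10-13T12:05:00 123.net 198.51.100.200 60
2009-10-13T08:00:00 www.example.org 192.0.2.80 86400
2009-10-13T12:00:00 www.example.org 192.0.2.80 86400
2009-10-13T08:00:00 cdn.example.com 192.0.2.21 300
2009-10-13T10:00:00 cdn.example.com 192.0.2.22 300
"""

def parse(log):
    """Yield (time, name, address, ttl) tuples from whitespace-separated lines."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, name, addr, ttl = line.split()
        yield datetime.fromisoformat(ts), name.lower().rstrip("."), ip_address(addr), int(ttl)

def churn_report(log, min_changes=3, min_nets=3, max_ttl=300):
    """Return names whose A record keeps moving between unrelated /24 networks.

    The three thresholds are illustrative assumptions, not tuned values.
    """
    seen = defaultdict(list)
    for ts, name, addr, ttl in parse(log):
        seen[name].append((ts, addr, ttl))
    flagged = {}
    for name, obs in seen.items():
        obs.sort()  # time order, so consecutive answers can be compared
        addrs = [a for _, a, _ in obs]
        changes = sum(1 for prev, cur in zip(addrs, addrs[1:]) if prev != cur)
        nets = {ip_network(f"{a}/24", strict=False) for a in addrs}
        short_ttl = max(t for _, _, t in obs) <= max_ttl
        if changes >= min_changes and len(nets) >= min_nets and short_ttl:
            flagged[name] = {"ips": len(set(addrs)), "nets": len(nets), "changes": changes}
    return flagged

if __name__ == "__main__":
    for name, stats in churn_report(SAMPLE_LOG).items():
        print(name, stats)
```

Legitimate dynamic DNS users and content delivery networks can show similar churn, so a hit is a lead for review rather than a verdict.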

No silver bullet
Will dynamic DNS and domain management be the conduit for future hacking attacks? It’s impossible to know. The cat and mouse relationship between the hacker and the security industry. Technicians can continue to refine standards and tools at the network’s core, but protection from online crime starts at the edge of the network, with the people using it.