Presentation is loading. Please wait.

Presentation is loading. Please wait.

Combating Botnets Botnets are a complex and continuously evolving challenge to user confidence and security on the Internet. Introduction Botnets are.

Published byRandell Goodman Modified over 6 years ago

Similar presentations

Presentation on theme: "Combating Botnets Botnets are a complex and continuously evolving challenge to user confidence and security on the Internet. Introduction Botnets are."— Presentation transcript:

1 Combating Botnets Botnets are a complex and continuously evolving challenge to user confidence and security on the Internet. Introduction Botnets are networks made up of infected remote-controlled computers, used by cybercriminals for cyber attacks, to steal information, and other crime. They are considered one of the biggest threats to Internet security. Combating botnets requires cross-border and multidisciplinary collaboration, innovative technical approaches, and the widespread deployment of mitigation measures which respect the fundamental properties of the Internet.

2 Thus, one bad actor has control over many Internet-connected devices.
What is a botnet? An Internet-connected device becomes infected by malicious software (malware) which turns the device into a bot now under the control of a remote operator (bot herder) who uses command-and-control servers to perform automated tasks. Thus, one bad actor has control over many Internet-connected devices. Definition: Botnets are networks made up of remote-controlled computers, or bots. Computers includes computing devices like smartphones, laptops, PCs, and Internet of Things-enabled devices. These computers have been infected with malicious software that allows them to be remotely controlled. Some botnets consist of hundreds of thousands of computers. Various techniques are used to infect computers so they become bots. For example: luring users into downloading malware, exploiting Internet browser vulnerabilities, and tricking users into loading malware (e.g., as a result of opening an infected attachment), among other ways. The botnet’s creators can then decide what to do with the infected computers. Botnet malware is often designed to run in the background so users are unaware that their systems are infected. Botnets are frequently used for sending spam. They may also be used to: launch attacks on other computers, steal personal data and passwords, attack public and private networks, exploit users’ computing power and Internet access, and carry out Distributed Denial of Service (DDoS) attacks, among other usages. Botnets can be used to create more bots and bigger and/or new botnets.

3 Key Considerations Botnets impose economic and social costs on affected users, service providers, network operators, and society as a whole. A number of issues must be considered when addressing the problem of botnets: Geographic dispersion Impacts on user rights Impacts on technology use and innovation Botnets pose threats to Internet users, service providers, network operators, and society as a whole, and are difficult to eliminate. However, steps can be taken to reduce their impact and associated risks. There are three key issues which must be considered when addressing the problem of botnets: Geographic dispersion: Botnets can spread around the world very quickly. Infected computers and botnet herders operate in different countries and locations. Botnets thus require a collaborative approach to detection, mitigation, and law enforcement. EXAMPLE: The technical architecture of the Internet was conceived as cross-border and non-territorial from the onset. As such, fighting botnets requires a transnational approach. No one country or entity can fight them because of the Internet’s global reach. Impacts on user rights: We must consider the impact of solutions on fundamental user rights and expectations when approaching strategies to combat botnets. Mitigation strategies must be narrow (not broad) and must not violate rights of legitimate Internet users. EXAMPLE: Blocking all traffic from an infected network could unintentionally keep innocent users from accessing the Internet and exercising rights, such as freedom of expression and opinion. Impacts on technology use and innovation: Technology-specific strategies are less likely to address the overall problem of botnets, as their creators may change tactics to avoid new obstacles, and might make innovation online harder. EXAMPLE: A technical solution that restricts access to suspected infected networks would be unacceptable. This is because it would have negative consequences on the Internet’s openness, innovation potential, and global reach.

4 Challenges 1 Botnet strategies, technologies, and techniques are constantly evolving in response to mitigation measures. Botnets are cheap to deploy, hard to uncover, and easily available for purchase or hire. Botnet creators and herders are geographically dispersed from the offending bots and are skillful at hiding their locations and identities. Botnet operators actively search for vulnerable systems to infect. Botnets take advantage of the Internet's fundamental properties and its architectural design. 2 3 4 A number of factors contribute to the ongoing challenge of combating botnets: Botnets are constantly evolving and adapting as mitigation measures are put in place. Botnets are popular because they are cheap to deploy and operate and hard to uncover. In some cases, cybercriminals will establish a large network of machines and then sell access to this network to other criminals. Spammers, for example, may rent or buy a network in order to operate a large-scale spam campaign. Botnet creators and herders are in different countries around the world and are skillful at hiding their locations and identities. There are vulnerable computers connected to the Internet (i.e. those that are not sufficiently secured or whose users are susceptible to being lured into introducing malware onto their computers) and vulnerable end devices (i.e. botnet command and control servers and infected computers) Botnets are designed to take advantage of the Internet’s fundamental properties (the Internet Invariants) and its architectural design. The network does not—and cannot by architecture—discriminate or differentiate traffic generated by different applications. 5

5 Internet Society’s Collaborative Security Approach
Guiding Principles Fostering confidence and protecting opportunities Collective responsibility Fundamental properties and values Evolution and consensus Think globally, act locally Internet Society’s Collaborative Security Approach 1 2 3 Collaborative security approach: The Internet enables opportunities for economic and social prosperity globally. The starting point for botnet security solutions should be what solutions are needed to preserve those opportunities and to foster confidence in the Internet. Safe systems, safe devices, and containment are good ways to foster confidence. The security of the Internet is a shared responsibility. A collaborative, cross-border approach is important to combat the global threat of botnets. We will all be secure only when we are protecting ourselves – and our neighbors. Security solutions must preserve the fundamental, open nature of the Internet as well as fundamental human rights, values, and expectations. Achieving security objectives, while preserving these fundamental properties, rights and values is the real challenge. We must find solutions that build on lessons learned, which are developed by consensus, and which will evolve to meet whatever new threats emerge. Commercial competition, politics and personal motivation play a role in how well collaboration happens. But differences can and must be overcome to cooperate against a threat. Solutions should be implemented by people at the closest point where they can have the most impact. The most effective strategies against botnets are implemented by informal self-organizing groups that are built on trust among experts in the field. 4 5

6 Download the Briefing Paper.
Conclusion: The most effective solutions to botnets are likely to be reached by relying on the expertise of a broad set of stakeholders. Collaboration must be proactive and not reactive and happen through bottom-up self-organization. Strategies should focus on addressing the root cause of the problem. Addressing symptoms (i.e. spam) without also addressing the root cause (the botnet) may neglect other malicious botnet activities (i.e. theft of personal data). Policies and solutions should be agile enough to remain effective given the rapid evolution of botnets. Instead, solutions should specify a general strategy, thereby enabling the detailed implementation to be adaptable over times to new technologies and built on trust among experts in the field.

Download ppt "Combating Botnets Botnets are a complex and continuously evolving challenge to user confidence and security on the Internet. Introduction Botnets are."

Similar presentations

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk email o Over 70% of email traffic  Bugs ---

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Should there be a law that forbids people from sending email to thousands of people (spam)? By: Bennett Moss Daniel Hoyt Hizkias Neway Junyu Wang.

Should there be a law that forbids people from sending to thousands of people (spam)? By: Bennett Moss Daniel Hoyt Hizkias Neway Junyu Wang.
Final Exam Part 1. Internet Regulation Internet regulation according to internet society states that it is about restricting or controlling certain pieces.

Final Exam Part 1. Internet Regulation Internet regulation according to internet society states that it is about restricting or controlling certain pieces.
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT By Jaco Robertson, Marthie Lessing and Simon Nare*

PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT By Jaco Robertson, Marthie Lessing and Simon Nare*
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010.

Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010.
BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.

BOTNETS Presented By : Ramesh kumar Ramesh kumar 08EBKIT049 08EBKIT049 A BIGGEST THREAT TO INERNET.
EU Funding opportunities 2014-2020: Rights, Equality and Citizenship Programme Justice Programme Jose Ortega European Commission DG Justice.

EU Funding opportunities : Rights, Equality and Citizenship Programme Justice Programme Jose Ortega European Commission DG Justice.
1 CERN’s Computer Security Challenges Denise Heagerty CERN Computer Security Officer Openlab Security Workshop, 27 Apr 2004.

1 CERN’s Computer Security Challenges Denise Heagerty CERN Computer Security Officer Openlab Security Workshop, 27 Apr 2004.
A FRICA INTERNET GOVERNANCE FORUM 2015 06-08 TH SEPTEMBER,2015 AFRICA UNION COMMISSION HQS, ADDIS ABABA,ETHIOPIA Presented By: Michael Ilishebo, ZAMBIA.

A FRICA INTERNET GOVERNANCE FORUM TH SEPTEMBER,2015 AFRICA UNION COMMISSION HQS, ADDIS ABABA,ETHIOPIA Presented By: Michael Ilishebo, ZAMBIA.
3.05 Protect Your Computer and Information Unit 3 Internet Basics.

3.05 Protect Your Computer and Information Unit 3 Internet Basics.
Topic 5: Basic Security.

Topic 5: Basic Security.
Module 2.2 1. 2  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.

Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.

1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.
Outline of this module By the end of this module, you will be able to: Identify the benefits of using social networking to communicate with family and.

Outline of this module By the end of this module, you will be able to: Identify the benefits of using social networking to communicate with family and.
Created by the E-PoliceSlide 122 February, 2012 Dangers of E-Mails By Michael Kuc.

Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
Published: USENIX HotBots, 2007 Presented: Wei-Cheng Xiao 2016/10/11.

Published: USENIX HotBots, 2007 Presented: Wei-Cheng Xiao 2016/10/11.

Similar presentations

Ads by Google