BlockRAT: An Enhanced Remote Access Trojan Framework via Blockchain

  • Conference paper
Science of Cyber Security (SciSec 2022)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13580)

Abstract

Remote Access Trojan (RAT) is a type of malicious software, aiming to infect victims’ computers through targeted attacks. Most existing RATs require a hacker to purchase a server, a domain name and many network resources to construct the infrastructure with a Command and Control (C2) channel. However, hackers’ information may be leaked or become traceable during the purchase of C2 channels and network resources. In this work, we propose BlockRAT, a blockchain-based RAT framework that can hide the hacker’s personal information with untraceability and low cost. We also introduce a method to help assess the suitability of blockchain types. In the evaluation, we take Network Infrastructure for Decentralized Internet (NKN) as a case study, and compare our BlockRAT with existing studies. The results indicate that BlockRAT can achieve upstream and downstream anonymity, low cost, and good extensibility.

Acknowledgments

This work was supported by the Natural Science Foundation of China under grant No. 62072133 and Key projects of Guangxi Natural Science Foundation under grant No. 2018GXNSFDA281040.

Corresponding author

Correspondence to Yining Liu.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Kang, Y., Yu, X., Meng, W., Liu, Y. (2022). BlockRAT: An Enhanced Remote Access Trojan Framework via Blockchain. In: Su, C., Sakurai, K., Liu, F. (eds) Science of Cyber Security. SciSec 2022. Lecture Notes in Computer Science, vol 13580. Springer, Cham. https://doi.org/10.1007/978-3-031-17551-0_2

  • DOI: https://doi.org/10.1007/978-3-031-17551-0_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17550-3

  • Online ISBN: 978-3-031-17551-0

  • eBook Packages: Computer Science, Computer Science (R0)
