ABSTRACT
The growth of the internet era and of online communication in corporate-sector dealings has introduced crucial security challenges in cyberspace. Statistics from recent large-scale attacks have defined a new class of threat to the online world, the advanced persistent threat (APT), which is able to impact the national security and economic stability of any country. Of all APTs, the botnet is one of the well-articulated and stealthy attacks used to perform cybercrime. Botnet owners and their criminal organizations are continuously developing innovative ways to infect new targets, bring them into their networks, and exploit them. The term botnet refers to a collection of compromised computers (bots) infected by automated software robots that interact to accomplish some distributed task and run without human intervention for illegal purposes. They are mostly malicious in nature and allow cyber criminals to control the infected machines remotely without the victim's knowledge. They use various techniques, communication protocols and topologies in different stages of their lifecycle, and they can upgrade their methods at any time. Botnets are global in nature, and their aim is to steal or destroy valuable information belonging to organizations as well as individuals. In this paper we present a survey of real-world botnets (APTs).
- Advance Persistent Threat: Botnet