
SkyNET is a stealth network that connects hosts to a bot-master through a mobile drone. The network is comprised of machines on home Wi-Fi networks in a proximal urban area, and one or more autonomous attack drones. The SkyNET is used by a botmaster to command their botnet(s) without using the Internet. The drones are programmed to scour an urban area and compromise wireless networks. Once compromised, the drone attacks the local hosts. When a host is compromised it joins both the Internet-facing botnet, and the sun-facing SkyNET. Subsequent drone flights are used to issue command and control without ever linking the botmaster to the botnet via the Internet. Reverse engineering the botnet, or enumerating the bots, does not reveal the identity of the botmaster. An analyst is forced to observe the autonomous attack drone to bridge the command and control gap. In this paper we present a working example, SkyNET complete with a prototype attack drone, discuss the reality of using such a command and control method, and provide insight on how to prevent against such attacks.