Title :
A recoverable hybrid C&C botnet
Author :
Liu, Chaoge ; Lu, Weiqing ; Zhang, Zhiqi ; Liao, Peng ; Cui, Xiang
Author_Institution :
Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
In this paper, we introduce the possible design of such a botnet called CoolBot which exploits a novel hybrid command and control (C&C) structure - hybrid P2P and URL Flux. The proposed CoolBot would have extremely desirable features - robustness and recoverability, that is, it could not only defend against popular attacks such as Sybil and routing table pollution attack but also could recover its C&C channel in a tolerable delay in case most of critical resources are destroyed, which promise to be appealing for botmasters. Our preliminary results show that the design of CoolBot is feasible and hard to defend against, consequently posing potential threat for Internet security. The goal of our work is to increase the understanding of advanced botnets which will promote the development of more efficient countermeasures. To conclude our paper, we suggest possible defenses against the emerging threat.
Keywords :
Internet; command and control systems; computer network security; peer-to-peer computing; C and C channel; CoolBot; Internet security; Sybil; URL flux; critical resources; hybrid P2P botnet; hybrid command and control structure; recoverable hybrid C and C botnet; routing table pollution attack; tolerable delay; Computer architecture; Peer to peer computing; Protocols; Radiation detectors; Robustness; Routing; Software;
Conference_Titel :
Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on
Conference_Location :
Fajardo
Print_ISBN :
978-1-4673-0031-5
DOI :
10.1109/MALWARE.2011.6112334
