Title :
Botnet Command and Control Mechanisms
Author :
Zeidanloo, Hossein Rouhani ; Manaf, Asrulnizam Abd
Author_Institution :
Fac. of Comput. Sci. & Inf. Syst., UTM Int. Campus, Kuala Lumpur, Malaysia
Abstract :
Botnets are among the most widespread and commonly occurring elements of today's cyber attacks, resulting in serious threats to our network assets and organization's properties. Botnets are collections of compromised computers (Bots) which are remotely controlled by their originator (BotMaster) under a common command-and-control (C&C) infrastructure. The C&C channels are used to distribute commands to the Bots for malicious activities such as distributed denial-of-service (DDoS) attacks, sending large amounts of SPAM, and other nefarious purposes. Understanding the Botnet C&C channels is a critical component in precisely identifying, detecting, and mitigating Botnet threats. Therefore, in this paper we provide a classification of Botnet C&C channels and evaluate the well-known protocols (e.g. IRC, HTTP, and P2P) that are used in each of them.
Keywords :
invasive software; BotMaster; Botnet command mechanisms; HTTP protocols; IRC protocols; P2P protocols; SPAM; command-and-control infrastructure; compromised computers; cyber attacks; distributed denial-of-service attacks; network assets; organization properties; Command and control systems; Computer crime; Computer science; Distributed computing; Electronic mail; Information systems; Internet; Protection; Turing machines; Unsolicited electronic mail; P2P; bot; botnet; centralized; decentralized
Conference_Title :
Computer and Electrical Engineering, 2009. ICCEE '09. Second International Conference on
Conference_Location :
Dubai
Print_ISBN :
978-1-4244-5365-8
Electronic_ISBN :
978-0-7695-3925-6
DOI :
10.1109/ICCEE.2009.151