Botnet command and control mechanisms
Botnet is most widespread and occurs commonly in today‘s cyber attacks, resulting in serious threats to our network assets and organization’s properties. Botnets are collections of compromised computers (Bots) which are remotely controlled by its originator (BotMaster) under a common Commond-and-...
Saved in:
Main Authors: | , |
---|---|
Format: | Conference or Workshop Item |
Published: |
2009
|
Subjects: | |
Online Access: | http://eprints.utm.my/id/eprint/14883/ http://dx.doi.org/10.1109/ICCEE.2009.151 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Botnet is most widespread and occurs commonly in today‘s cyber attacks, resulting in serious threats to our network assets and organization’s properties. Botnets are
collections of compromised computers (Bots) which are
remotely controlled by its originator (BotMaster) under a
common Commond-and-Control (C&C) infrastructure. They
are used to distribute commands to the Bots for malicious
activities such as distributed denial-of-service (DDoS) attacks, sending large amount of SPAM and other nefarious purposes. Understanding the Botnet C&C channels is a critical component to precisely identify, detect, and mitigate the Botnets threats. Therefore, in this paper we provide a classification of Botnets C&C channels and evaluate wellknown protocols (e.g. IRC, HTTP, and P2P) which are being used in each of them. |
---|