An Advanced Hybrid P2P Botnet 2.0

Recently, malware attacks carried out over the Internet by e-mail, denial of service (DoS) or distributed denial of service (DDoS) have become more serious. Botnets have become a significant part of Internet malware attacks. A traditional botnet has three parts: the botmaster, command and control (C&C) servers, and bots. The C&C servers receive commands from the botmaster and control the distributed computers remotely. Bots use DNS to locate the C&C servers. In this paper, we propose an advanced hybrid peer-to-peer (P2P) botnet 2.0 (AHP2P botnet 2.0) that uses Web 2.0 technology to hide the botmaster's instructions in social sites, which are regarded as C&C servers. Servent bots are regarded as sub-C&C servers that get the instructions from the social sites. The AHP2P botnet 2.0 can evaluate the performance of servent bots, reduce DNS traffic from bots to C&C servers, and make bot actions harder to detect than those of IRC-based botnets over the Internet.



