Abstract: Botnets are one of the most serious and widespread
cyber threats. Today botnets have been facilitating many
cybercrimes, especially financial and top-secret thefts. Botnets can be
available for lease in the market and are utilized by the
cybercriminals to launch massive attacks like DDoS, click fraud,
phishing attacks, etc. Several large institutions, hospitals, banks,
government organizations and many social networks such as Twitter,
Facebook, etc., became the target of the botmasters. Recently,
noteworthy research has been carried out to detect bots, C&C
channels, botnets and botmasters. Using many sophisticated
technologies, botmasters have made the botnet a titan of the cyber world.
Innumerable challenges have been put forth by the botmasters to the
researchers in the detection of botnets. In this paper, we present a
survey of different types of botnet C&C channels and also provide a
comparison of various botnet categories. Finally, we hope that our
survey will create awareness for forthcoming botnet research
endeavors.

Abstract: Worm propagation profiles have significantly changed
since 2003-2004: sudden world outbreaks like Blaster or Slammer
have progressively disappeared and slower but stealthier worms
have appeared since, most of them for botnet dissemination. Decreased
worm virulence results in more difficult detection.
In this paper, we describe a stealth worm propagation model
which has been extensively simulated and analysed on a huge virtual
network. The main feature of this model is its ability to infect any
Internet-like network in a few seconds, whatever its size, while
greatly limiting the reinfection attempt overhead of already infected
hosts. The main simulation results show that the combinatorial
topology of routing may have a huge impact on the worm propagation
and thus some servers play a more essential and significant role than
others. The real-time capability to identify them may be essential to
greatly hinder worm propagation.

Abstract: Recently, malware attacks have become more serious
over the Internet by e-mail, denial of service (DoS) or distributed
denial of service (DDoS). Botnets have become a significant part
of the Internet malware attacks. The traditional botnets include three
parts – botmaster, command and control (C&C) servers and bots. The
C&C servers receive commands from the botmaster and control the
distributions of computers remotely. Bots use DNS to find the
positions of C&C servers. In this paper, we propose an advanced hybrid
peer-to-peer (P2P) botnet 2.0 (AHP2P botnet 2.0) using web 2.0
technology to hide the instructions from the botmaster in social sites,
which are regarded as C&C servers. Servent bots are regarded as
sub-C&C servers to get the instructions from social sites. The AHP2P
botnet 2.0 can evaluate the performance of servent bots, reduce DNS
traffic from bots to C&C servers, and make bot actions harder to
detect than those of IRC-based botnets over the Internet.