Botnets Research Papers - Academia.edu

Botnets continue to be an active threat against firms or companies and individuals worldwide. Previous research regarding botnets has unveiled information on how the system and its stakeholders operate, but an insight into the economic structure that supports these stakeholders is lacking. The objective of this research is to analyse the business model and determine the revenue stream of a botnet owner. We also study the botnet life-cycle and determine the costs associated with it on the basis of four case studies. We conclude that building a full-scale cyber army from scratch is very expensive, whereas acquiring a previously developed botnet requires little cost. We find that initial setup and monthly costs were minimal compared to total revenue.

In recent times, organisations in a variety of businesses, such as healthcare, education, and others, have been using the Internet of Things (IoT) to produce more competent and improved services. The widespread use of IoT devices makes our lives easier. On the other hand, the IoT devices that we use suffer vulnerabilities that may impact our lives. These unsafe devices accelerate and ease cybersecurity attacks, specifically when using a botnet. Moreover, restrictions on IoT device resources, such as limitations in power consumption and the central processing unit and memory, intensify this issue because they limit the security techniques that can be used to protect IoT devices. Fortunately, botnets go through different stages before they can start attacks, and they can be detected in the early stage. This research paper proposes a framework focusing on detecting an IoT botnet in the early stage. An empirical experiment was conducted to investigate the behaviour of the early stage of the botnet, and then a baseline machine learning model was implemented for early detection. Furthermore, the authors developed an effective detection method, namely, Cross CNN_LSTM, to detect the IoT botnet based on using fusion deep learning models of a convolutional neural network (CNN) and long short-term memory (LSTM). According to the conducted experiments, the results show that the suggested model is accurate and outperforms some of the state-of-the-art methods, and it achieves 99.7 accuracy. Finally, the authors developed a kill chain model to prevent IoT botnet attacks in the early stage.

The proliferation of malicious Command and Control (C&C) servers or botnets is a very big security issue on the Internet today. Triggering malware can be found in most known, popular and visited websites. Any user who is tricked into clicking something interesting (usually an advertisement) is redirected to a malicious website or unknowingly forced to install malware that makes them a victim (also known as a zombie). When a lot of users have been victimized, malware is stored in their computers in stealth mode. When thousands or millions of computers are infected, the leader can order all infected machines to do something malicious like attacking servers to cause Distributed Denial of Service (DDoS) and other attacks on confidentiality. In 2013 alone, the FBI discovered millions of machines were infected by a botnet called Citadel. The agency was able to shut down the server, leaving the victims still infected. Anti-virus and firewall solutions are defenseless against this type of attack bec...

With the rise in the use of the Internet in social, personal, commercial and other aspects of life, cybercrime is escalating as well at an alarming rate. Such usage of the Internet in diversified areas has also augmented illegal activities, which in turn invite many network attacks and threats. Network forensics is used to detect network attacks. It can be viewed as an extension of network security. It is the technology which detects and also suggests prevention of various network attacks. A botnet is one of the most common attacks and is regarded as a network of hacked computers. It captures network packets, stores them and then analyzes and correlates them to find the source of the attack. Various methods based on this approach for botnet detection exist in the literature, but a generalized method is lacking. So there is a requirement to design a generic framework that can be used by any botnet detection method. This framework is of use to researchers in the development of their own methods of botnet detection, by providing methodology and guidelines. In this paper, various prevalent methods of botnet detection are studied, commonalities among them are established and then a generalized model for the detection of botnets is proposed. The proposed framework is described using UML diagrams.

Among various cyber threats, a DDoS attack is one of the major Internet threats that can affect anyone and even cause tremendous financial damage to organizations that use cloud-based services, while the mitigation of this threat can be highly difficult considering the complex infrastructure that it uses to perform its malicious activities. For that purpose it is important to think proactively rather than reactively when addressing protection against this type of attack. An overview of botnets and some of the countermeasures against this threat are discussed in this paper.

... potential malware, and the number of such websites has increased by around 190,0000 since 2008 (see Google's Safe Browsing ... We used the Windows command Ipconfig/displaydns to display the contents of the DNS resolver cache after pinging the domain ...

The results of botnet detection methods are usually presented without any comparison. Although it is generally accepted that more comparisons with third-party methods may help to improve the area, few papers could do it. Among the factors that prevent a comparison are the difficulties to share a dataset, the lack of a good dataset, the absence of a proper description of the methods and the lack of a comparison methodology. This paper compares the output of three different botnet detection methods by executing them over a new, real, labeled and large botnet dataset. This dataset includes botnet, normal and background traffic. The results of our two methods (BClus and CAMNEP) and BotHunter

The study designs an approach that takes advantage of platforms that allow bots to interact with their users using Instant Messaging. The proposed system models a botnet that enables bidirectional flow of communication between the...

Detection of botnets for forensic investigation is a crucial challenge because new botnet models using different techniques are emerging every day from attackers lurking in the deep web. Locating the C&C servers of a botnet through usual methods might be useful in some cases when there are defects in the architecture and inner implementation of the botnet. In this paper several possibilities for making different types of botnet are discussed, which can make detection of the botmaster and C&C servers complex when usual botnet detection methods are used. This gives security professionals the opportunity to explore different botnet architectures, their operations, and the locating of C&C (command and control) servers and the botmaster. It will encourage security professionals to find new techniques for the detection of botnets and the procedure for dealing with them. A combination of various techniques and approaches can develop a new type of botnet which contains different perspectives that make detection and location of the botmaster and C&C servers intricate, which will also break open paths for the white hats to fight such cyber weapons.

The use of the Internet and its related services is increasing day by day. Many million people surf the net every day and use it for various reasons. With so much use of the Internet, security threats are the major concern of today. There are many security concerns or threats faced by net surfers, and that is because of malware, which has many forms such as viruses, worms, Trojan horses, rootkits, botnets and various other forms of data attacks. Among all the threats mentioned above, botnets seem to be quite prevalent nowadays. They have already spread their roots in Wide Area Networks (WAN) such as the Internet and are continuously spreading at a very high pace. A botnet is a network of computers where the computers are infected by installing a harmful program in them. Each computer that is part of a botnet is called a bot or zombie. A botnet is remotely controlled by a person who commands and controls the bots through a server called the command and control server (C&C). Such a person who commands the bots is called a botmaster or bot herder. This paper is written to serve the objective of performing an extensive study of the core problem, that is, the study and detection of botnets. This paper focuses on the study of malware, with special emphasis on botnets and their detection.

Android is increasingly being targeted by malware since it has become the most popular mobile operating system worldwide. Evasive malware families, such as Chamois, designed to turn Android devices into bots that form part of a larger botnet are becoming prevalent. This calls for more effective methods for detection of Android botnets. Recently, deep learning has gained attention as a machine learning based approach to enhance Android botnet detection. However, studies that extensively investigate the efficacy of various deep learning models for Android botnet detection are currently lacking. Hence, in this paper we present a comparative study of deep learning techniques for Android botnet detection using 6802 Android applications consisting of 1929 botnet applications from the ISCX botnet dataset. We evaluate the performance of several deep learning techniques including: CNN, DNN, LSTM, GRU, CNN-LSTM, and CNN-GRU models using 342 static features derived from the applications. In our experiments, the deep learning models achieved state-of-the-art results based on the ISCX botnet dataset and also outperformed the classical machine learning classifiers.
Citation: Yerima, S.Y.; Alzaylaee, M.K.; Shajan, A.; P, V. Deep Learning

This article offers a reading of internet-based activism or 'hacktivism' as a phenomenon that cannot be confined to the instrumental use of information technologies. It focuses on a subset of hacktivism – the distributed-denial-of-service (DDoS) attack for political ends – that aims at making an internet host unavailable to its intended users. Since the early 2000s these attacks have been increasingly conducted by means of botnets – networks of infected computers that send bogus requests to a target website without the consent of their users. The capacity of botnets to engender a more-than-human politics is analyzed from two distinct theoretical angles. First, drawing from Deleuze and Guattari, the hacktivist DDoS is discussed as an assemblage of signifying and a-signifying components, voluntary and involuntary actions. Second, Gilbert Simondon's notions of transindividuation and transduction allow for a conceptualization of hacktivism as a sociotechnical assemblage with a high degree of indetermination.

The popularity of IoT smart things is rising, due to the automation they provide and its effects on productivity. However, it has been proven that IoT devices are vulnerable to both well-established and new IoT-specific attack vectors. In this paper, we propose the Particle Deep Framework (PDF), a new network forensic framework for IoT networks that utilises Particle Swarm Optimisation to tune the hyperparameters of a deep MLP model and improve its performance. The PDF is trained and validated using the Bot-IoT dataset, a contemporary network-traffic dataset that combines normal IoT and non-IoT traffic with well-known botnet-related attacks. Through experimentation, we show that the performance of a deep MLP model is vastly improved, achieving an accuracy of 99.9% and a false alarm rate of close to 0%.

To enable more effective mitigation of Android botnets, image-based detection approaches offer great promise. Such image-based or visualization methods provide detection solutions that are less reliant on hand-engineered features, which require domain knowledge. In this paper we propose Bot-IMG, a framework for visualization and image-based detection of Android botnets using machine learning. Furthermore, we evaluate the efficacy of the Bot-IMG framework using the ISCX botnet dataset. In particular, we implement an image-based detection method using Histogram of Oriented Gradients (HOG) as feature descriptors within the framework, and utilize Autoencoders in conjunction with traditional machine learning classifiers. From the experiments performed, we obtained up to 95.3% classification accuracy using a train-test split of 80:20 and 93.1% classification accuracy with 10-fold cross validation.

JAKU TARGETS SPECIFIC VICTIMS. What makes JAKU unique is that within the noise of thousands of botnet victims, it targets and tracks a small number of specific individuals. These individuals include members of International...

Botnets have evolved to become one of the most serious threats to the Internet and there is substantial research on both botnets and botnet detection techniques. This analysis reviewed the history of botnets and botnet detection techniques. The analysis showed traditional botnet detection techniques rely on passive techniques, primarily honeypots, and that honeypots are not effective at detecting peer-to-peer and other decentralized botnets. Furthermore, the detection techniques aimed at decentralized and peer-to-peer botnets focus on detecting communications between the infected bots. However, the increased use of obfuscation and encryption has significantly impacted the ability to detect botnet communications.

Botnets, the groups of illegally controlled infected devices on the Internet, have had a history of two decades already. This history shows an evolution of the infection techniques, the scope of the target devices, and their usage. Thus, the new direction is the usage of sophisticated data leakage techniques by state-sponsored hacker groups. Our article analyses this evolution while focusing on Botnet usage for cyber espionage. We present the Botnet architecture in the context of network science research, lifecycle, applied network protocols, and capabilities. Next, we analyze two examples, the APT28 group activities and the VPNFilter Botnet, which demonstrate the real-life cyber espionage capability of this technique.

Spam emails are regularly causing huge losses to business. Spam filtering is an automated technique to identify SPAM and HAM (non-spam). Web spam filters can be categorized as content-based spam filters and list-based spam filters. In this research work, we have studied the spam statistics of a famous spambot, 'Srizbi'. We have also discussed different approaches to spam filtering and finally proposed a new algorithm which is based on the behavioral approaches of spammers and aims to restrict the budding economic growth of spam-generating companies. We have used a hidden honeypot and a honeytrap module to minimize the spam generated from contact and feedback forms on public and social networking CMS websites.

There is a lack of clarity within the social media domain about the number of discrete participants. Influence and measurement within new media is skewed towards the biggest numbers, resulting in fake tweets, sock puppets and a range of force multipliers such as botnets, application programming interfaces (APIs), and cyborgs. Social media metrics are sufficiently manipulated away from authentic discrete usage so that the trustworthiness of identity, narrative and authority are in a constant state of uncertainty. Elections, social causes, political agendas and new modes of online governance can now be influenced by a range of virtual entities that can cajole and redirect opinions without affirming identity or allegiance. In the advent of the 2013 Australian Federal Election, the open source Twitter activity for the two main opposing political leaders was examined in order to determine the manner in which information was diffused. The results showed phony online personas, fake bots deploying automated Twitter dissemination, and deceptive Twitter strategies. New media tolerates slacktivism, where Twitter users mistake auto-narrative for genuine political sentiment. This study demonstrates the need to increase legitimacy and validity in micro-blogging forms of new media and the need for multi-factor authentication.

Mobile IP technology is considered one of the buzzwords in the world of wireless technology. Nowadays, a lot of Internet applications depend on this technology to deploy their services, like VoIP, VANET and so on. However, the main goal of this technology is to maintain high connectivity among mobile nodes. The assumption here is that the Mobile Node (MN) should remain connected to its Home Agent (HA) during its mobility from one scope to another. The new scope is called the Foreign Agent (FA), whereby the Mobile Node can remain connected (routed) to the original scope (HA) by getting a new IP from the FA, which is called the Care-of Address (CoA). This paper will address certain aspects belonging to Mobile IP technology, such as Mobile IPv4 and its relationship to Mobile IPv6, and some advantages and disadvantages of using Mobile IP. Vi-Fi (Vehicle Wi-Fi) is described as one of the most advanced technologies of Mobile IP.

Malware creates a serious problem for the infected computer. People believed that installing antivirus could mitigate the computer being infected. Unfortunately, malware designers actively create botnets that hide from the antivirus. In this research, we develop a botnet based on the vertexnet bot loader, so that we can use it as a tool to map the awareness of people about being infected. We also provide a methodology to mitigate botnet propagation.

Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection, which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring, but this article focuses on the application of anomaly detection in the field of network intrusion detection. The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in the network. This aim is achieved by the realization of the following points: (i) preparation of a concept of an original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of an original dataset, (iv) evaluation of the method.

Passwords make our lives easier and more secure. They protect our valuable private information. So, they act as a blessing in our lives. But every coin has two sides. This blessing can turn into a threat because passwords are being hacked by unauthorized people. This kind of situation can lead industrial managers to face difficulties in operating their official devices because passwords can be changed by illegal users. It is important to measure the strength of the passwords that the managers are using because this will let the managers know about the condition of their passwords so that they can change them into stronger passwords. Before measuring the strength, the password needs to be cracked. There are many methods to crack passwords. A brute force attack is used for cracking passwords when other procedures fail. By using a powerful botnet, control over any device can be successful for estimating the intensity of the password. This paper specifies an easy and new technique for measuring the strength of a password, called HashXplorer. It will help official managers to know about the condition of their passwords. It will observe whether their passwords need to be changed or not. Ultimately, HashXplorer will play a vital role in daily life.

During the last decade, botnets emerged as one of the most serious forms of malware, posing a serious threat to the Internet. Due to significant research effort in this domain there are many different detection methods based on diverse technical principles. Of these, detection based on network traffic analysis is one of the non-invasive and resilient detection techniques. There are several survey papers published on the detection methods, but either they didn't mention the analysis of the proposed methods, or they just demonstrated a few different dimensions, or did not have dimensions at all. Therefore, a complete evaluation framework for assessing the proposed methods is vital. In this paper, we first provide a comprehensive overview of this field by summarizing current significant methods and gathering all related network traffic features, followed by a new evaluation framework with fourteen dimensions and the analysis of the existing detection methods to identify their characteristics, limitations, and performance.

One of the most likely vulnerabilities to data available over a network is a botnet attack, which can cause a significant amount of data loss. A botnet attack is a type of malicious attack that utilizes a series of connected computers to attack or take down a network, network device, website or an IT environment. The attack can slow down the network/server, making it busy enough that other legitimate users are unable to access it, or temporarily freeze the server. Distributed denial of service (DDoS) is a common example of a botnet attack that utilizes a number of botnet devices to send a large number of simultaneous requests/packets to the targeted system. Thus, in this paper we collected data sets (i.e. packets travelling in a network) from various sources and merged them to obtain a larger set comprising benign and malicious traffic. The packets were then analysed to obtain TCP/UDP-based flows. Features were then computed for all the flows identified and listed in a feature vector table. We further tried to parallelize the feature computation work using the Hadoop MapReduce framework. The feature vector table can be further used to train a classifier for segregating malicious traffic from benign traffic.

Cloud forensics has become an inexorable and a transformative discipline in the modern world. The need to share a pool of resources and to extract digital evidence from the same distributed resources to be presented in a court of law has become a subject of focus. Forensic readiness is a pro-active process that entails digital preparedness that an organisation uses to gather, store and handle incident responsive data with the aim of reducing post-event response by digital forensics investigators. Forensic readiness in the cloud can be achieved by implementing a botnet with non-malicious code as opposed to malicious code. The botnet still infects instances of virtual computers within the cloud, however, with good intentions as opposed to bad intentions. The botnet is, effectively, implemented as a service that harvests digital information that can be preserved as admissible and submissive potential digital evidence. In this paper, the authors' problem is that there are no techniques that exist for gathering information in the cloud for digital forensic readiness purposes as described in the international standard for digital forensic investigations (ISO/IEC 27043). The authors proposed a model that allows digital forensic readiness to be achieved by implementing a Botnet as a Service (BaaS) in a cloud environment.

Smartphones are becoming a vehicle to provide an efficient and convenient way to access, find and share information; however, the availability of this information has caused an increase in cyber attacks. Currently, cyber threats range from Trojans and viruses to botnets and toolkits. Presently, 96% of smartphones do not have pre-installed security software. This lack of security is an opportunity for malicious cyber attackers to hack into the various devices that are popular (i.e. Android, iPhone and Blackberry). Traditional security software found in personal computers (PCs), such as firewalls, antivirus, and encryption, is not currently available in smartphones. Moreover, smartphones are even more vulnerable than personal computers because more people are using smartphones to do personal tasks. Nowadays, smartphone users can email, use social networking applications (Facebook and Twitter), buy and download various applications and shop. Furthermore, users can now conduct monetary t...

The Internet, the largest available tool for information, communication and commerce, has resulted in globalisation, while on the other hand it has resulted in a large number of criminal activities and cybercrimes for financial gain. Botnets are termed a 'Global Internet Security Threat', the most insidious and dangerous species of network-based attacks and the most preferred platform to launch and commit cyberattacks. Botnets are a collection of infected and compromised computers (bots or zombies) that perform repetitive tasks commanded by botmasters and are used to spread malware and viruses and to carry out illicit activities. Botmasters or botherders control and issue commands to bots to launch massive attacks and to carry out malicious activities. Botnets are readily used for Distributed Denial of Service (DDoS) attacks, spam, fast flux, click-fraud, adware, spyware and scareware attacks. Botnets perpetrate these attacks and thus, it is one of the major challenges to network and Inter...

The utilization of the Internet on the domestic and corporate front has been increasing at a drastic rate. Each organization and enterprise exploits the internet to its fullest extent based on its requirements. In almost all areas, the internet has proved to be a boon. But sometimes it lands users in trouble because of unwanted and uninvited harmful software applications. There are many types of threats and challenges that are faced by internet users. Out of all the threats faced by internet users, botnets are at the topmost position. Because of these prodigious threats, botnets are a rising area of research. A botnet works as a coordinated or synchronized activity where different bots collectively participate to perform a malicious task. The botnet is different from other forms of malware in its capability to compromise computer systems or smartphones to set up a link with a command and control (C&C) server controlled by a bot controller. Because of the massive participation of compromised machines, the losses caused by botnet attacks are immeasurable. As a result, different researchers are showing keen interest in the field of botnets. The trend reflects that the amount of research in this field has gone up at a tremendous rate in the past 5 to 10 years. The present paper proposes a framework to systematically identify the presence of a malicious bot, prevent it from spreading further and perform its forensic investigation.