Presented by:
Kavisha
B.Tech.(I.T.)-V semester
[Figure: Bot Master, IRC Channel, C&C Traffic, Attack, Victim Bots]
Botnet Life-cycle
Types of attacks
Distributed Denial of Service (DDoS) attacks
Sending spam
Phishing (fake websites)
Adware
Spyware (keylogging, information harvesting)
Click Fraud
Botnets In Network Security
Internet users are getting infected by bots.
Corporate and end users are often trapped in botnet attacks.
Today 16-25% of the computers connected to the internet are members of a botnet.
According to Damballa's technical report, 83.1% of global spam in March 2011 was sent by botnets.
Computer security experts estimate that most spam is sent by home computers that are controlled remotely, and millions of these computers are part of botnets.
Contd.
2010 was a big year for internet crime, with botnets and targeted attacks making headlines on an almost weekly basis. Botnets such as Mariposa, Conficker and Koobface have become household names.
The public disclosure of electronic attacks on international organizations such as Google, Adobe and many others, referred to as Operation Aurora, revealed that sophisticated and advanced malware is now an everyday inclusion in criminal toolkits.
Most Wanted Botnets
Zeus - Compromised 3.6 million U.S. computers.
Koobface - Compromised 2.9 million U.S. computers.
TidServ - Compromised 1.5 million U.S. computers.
Trojan.Fakeavalert - Compromised 1.4 million U.S. computers.
TR/Dldr.Agent.JKH - Compromised 1.2 million U.S. computers.
Botnet Detection
The two approaches for botnet detection are based on:
Setting up honeynets
Passive traffic monitoring
    Signature based
    Anomaly based
    DNS based
Botnet Detection: Honeynets
Honeynets Windows Honeypot