Botnets

Using Honeynets for Discovering and Disrupting IRC-Based Botnets

ABSTRACT

A botnet is a network of compromised computers that can be remotely controlled by an attacker through a predefined communication channel. A computer becomes part of a botnet when it gets infected by a software agent commonly known as a ‘bot’. Studies carried out by various research groups show the presence of hundreds of thousands of such compromised computers across the Internet. The sheer presence of such a large number of bots poses a serious threat to e-business infrastructures in particular and the Internet community at large. There have already been a number of well-documented incidents where such an army of bots has been used to launch Distributed Denial of Service (DDoS) attacks against corporate networks. Research carried out by various bot activity-monitoring groups also indicates that in recent months there has been a shift towards using these bots and botnets for monetary gains and espionage activities.

Malware Analysis Framework from Static to Dynamic Analysis

ABSTRACT

Today, malicious software on networks is the major threat to internet security. Analysis of the malicious software is a multi-step process that can provide insight into its structure, functionality and behaviour that can be used to create an antidote. This paper focuses on how the analysis of malicious software can be used and how details of events gathered from an infected system can be used to detect a new infection. This strategy makes it possible to detect an infection on a honeypot that has been deployed to detect zero-day attacks. This paper demonstrates the steps taken in the analysis of malicious software from static to dynamic analysis; the same methodology is then used to analyse an infection on the honeypot. The paper concludes with an explanation of the difference between the static and dynamic analysis of malicious code.

Design of a Hybrid Command and Control Mobile Botnet

ABSTRACT

The increasing popularity and improvement in capabilities offered by smartphones caught the attention of botnet developers. Now the threat of botnets is moving towards the mobile environment. This study presents the design of a hybrid command and control mobile botnet. The hybrid design explores the efficiency of multiple command and control channels against the following objectives: no single point of failure within the topology, low cost for command dissemination, limited network activities, and low battery consumption. The objectives are measured with a prototype that is deployed on a small collection of Android-based smartphones. The results indicate that current mobile technology exhibits all the capabilities needed to create a mobile botnet.

Twitter Deception and Influence: Issues of Identity, Slacktivism, and Puppetry

ABSTRACT

There is a lack of clarity within the social media domain about the number of discrete participants. Influence and measurement within new media is skewed towards the biggest numbers, resulting in fake tweets, sock puppets, and a range of force multipliers such as botnets, application programming interfaces (APIs), and cyborgs. Social media metrics are sufficiently manipulated away from authentic discrete usage so that the trustworthiness of identity, narrative, and authority are constantly uncertain. Elections, social causes, political agendas and new modes of online governance can now be influenced by a range of virtual entities that can cajole and redirect opinions without affirming identity or allegiance. Using the 2013 Australian Federal Election as a case study, this study demonstrates the need to increase legitimacy and validity in micro-blogging forms of new media and the need for multi-factor authentication.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
