BOTNET ATTACK IN COMPUTER NETWORK SECURITY

Author(s):  
S.Nagendra Prabhu ◽  
D.Shanthi

Among the various forms of malware, Botnet is the serious threat which occurs commonly in today’s cyber attacks and cyber crimes. Botnets are designed to perform predefined functions in an automated fashion, where these malicious activities range from online searching of data, accessing lists, moving files sharing channel information to DDoS attacks against critical targets, phishing, click fraud etc. Existence of command and control (C&C) infrastructure makes the functioning of Botnet unique and in turn throws challenges in the mitigation of Botnet attacks. Hence Botnet detection has been an interesting research topic related to cyber-threat and cyber-crime prevention in network security. Various types of techniques and approaches have been proposed for detection, mitigation and prevention of Botnet attacks. Here I discuss in detail Botnet and related research including Botnet evolution, life-cycle, command and control models, communication protocols, Botnet detection, and Botnet mitigation mechanism etc. Also an overview of research on Botnets which describes the possible attacks performed by various types of Botnet communication technologies in future.

KEYWORDS— Bot; Botnet; C&C mechanism; communication protocols; honeynet; passive traffic; attacks; defense; prevention; mitigation

Author(s):  
Mrs. Jaishma Kumari B ◽  
Manisha ◽  
Ravish Acharya ◽  
R Yajnesh

Among the diverse forms of malware, Botnet is the serious threat which occurs commonly in today’s cyber attacks and cyber crimes. Botnets are designed to perform predefined functions in an automated fashion, where these malicious activities range from online searching of data, moving files sharing channel information to DDoS attacks against critical targets, click fraud etc. Botnet detection has been an interesting research topic related to cyber-threat and cyber-crime prevention. In this survey paper we provide a brief look at how existing botnet research, the evolution and future of botnets, as well as the goals and visibility of today’s network intersect to inform the field of botnet technology and defense.


2017 ◽  
Vol 13 (7) ◽  
pp. 155014771772079 ◽  
Author(s):  
Futai Zou ◽  
Siyu Zhang ◽  
Linsen Li ◽  
Li Pan ◽  
Jianhua Li

In this article, we analyze the behavioral characteristics of domain name service queries produced by programs and then design an algorithm to detect malware with expired command-and-control domains based on the key feature of domain name service traffic, that is, repeatedly querying domain with a fixed interval. In total, 3027 malware command-and-control domains in the network traffic of Shanghai Jiao Tong University, affecting 249 hosts, were successfully detected, with a high precision of 92.0%. This algorithm can find those malware with expired command-and-control domains that are usually ignored by current research and would have important value for eliminating network security risks and improving network security environment.


Author(s):  
Kamal Alieyan ◽  
Ammar Almomani ◽  
Rosni Abdullah ◽  
Badr Almutairi ◽  
Mohammad Alauthman

In today's internet world the internet of things (IoT) is becoming the most significant and developing technology. The primary goal behind the IoT is enabling more secure existence along with the improvement of risks at various life levels. With the arrival of IoT botnets, the perspective towards IoT products has transformed from enhanced living enabler into the internet of vulnerabilities for cybercriminals. Of all the several types of malware, botnet is considered as really a serious risk that often happens in cybercrimes and cyber-attacks. Botnet performs some predefined jobs and that too in some automated fashion. These attacks mostly occur in situations like phishing against any critical targets. Files sharing channel information are moved to DDoS attacks. IoT botnets have subjected two distinct problems, firstly, on the public internet. Most of the IoT devices are easily accessible. Secondly, in the architecture of most of the IoT units, security is usually a reconsideration. This particular chapter discusses IoT, botnet in IoT, and various botnet detection techniques available in IoT.


2018 ◽  
Vol 2 (4-2) ◽  
pp. 360
Author(s):  
Deni Satria ◽  
Alde Alanda ◽  
Aldo Erianda ◽  
Deddy Prayama

The development of information technology is a new challenge for computer network security systems and the information contained in it; the level of awareness of the importance of network security systems is still very low. According to a survey conducted by Symantec, the desire to renew an existing security system within a year within a company has the result that only 13% of respondents consider changes to the security system to be important from a total of 3,300 companies worldwide as respondents. This lack of awareness results in the emergence of security holes that can be used by crackers to enter and disrupt the stability of the system. Every year cyber attacks increase significantly, so that every year there is a need to improve the security of the existing system. Based on that, a method is needed to periodically assess system and network security by using penetration testing methods to obtain any vulnerabilities that exist on the network and on a system so as to increase security and minimize theft or loss of important data. Testing is carried out by using internal network penetration testing method which tests using 5 types of attacks. From the results of the tests, each system has a security risk of 20-80%. From the results of these tests it can be concluded that each system has a security vulnerability that can be attacked.


In computer networks, security of the network is a major issue and intrusion is the most common threat to security. Cyber attack detection is becoming a more enlightened challenge in detecting these threats accurately. In network security, intrusion detection system (IDS) has played a vital role to detect intrusion. In recent years, numerous methods have been proposed for intrusion detection to detect these security threats. This survey paper study examines recent work in the topic of network security, machine learning based techniques as well as a discussion of the many datasets that are commonly used to evaluate IDS. It also explains how researchers employ Machine Learning Based Techniques to detect intrusions.


2021 ◽  
Vol 7 ◽  
pp. e640
Author(s):  
Saif Al-mashhadi ◽  
Mohammed Anbar ◽  
Iznan Hasbullah ◽  
Taief Alaa Alamiedy

Botnets can simultaneously control millions of Internet-connected devices to launch damaging cyber-attacks that pose significant threats to the Internet. In a botnet, bot-masters communicate with the command and control server using various communication protocols. One of the widely used communication protocols is the ‘Domain Name System’ (DNS) service, an essential Internet service. Bot-masters utilise Domain Generation Algorithms (DGA) and fast-flux techniques to avoid static blacklists and reverse engineering while remaining flexible. However, botnet’s DNS communication generates anomalous DNS traffic throughout the botnet life cycle, and such anomaly is considered an indicator of DNS-based botnets presence in the network. Despite several approaches proposed to detect botnets based on DNS traffic analysis, the problem still exists and is challenging due to several reasons, such as not considering significant features and rules that contribute to the detection of DNS-based botnet. Therefore, this paper examines the abnormality of DNS traffic during the botnet lifecycle to extract significant enriched features. These features are further analysed using two machine learning algorithms. The union of the output of two algorithms proposes a novel hybrid rule detection model approach. Two benchmark datasets are used to evaluate the performance of the proposed approach in terms of detection accuracy and false-positive rate. The experimental results show that the proposed approach has a 99.96% accuracy and a 1.6% false-positive rate, outperforming other state-of-the-art DNS-based botnet detection approaches.

