
Botnet Paper

By Wildcat06 Apr 13, 2015 1014 Words


Botnets
William Jones
68.510 Data Networking
27 Feb 2013
Professor Tomsic
Executive Summary
This paper will define botnets and how they are developed, used and controlled. Malicious attacks such as distributed denial of service (DDoS) will be discussed, along with recent DDoS attacks and the likely perpetrators and their motives. Finally, I will describe what protocols and systems attackers use to control and update botnets today.

In today’s cyber world, the term bot, originally derived from the word robot, refers to end systems (desktops, laptops, servers) that have been infected by malicious software. Once compromised, the end system is turned into a bot that is under the command and control of the criminal identity thief. Criminal organizations use malicious software to infect large numbers of systems and create botnets that perpetrate large-scale attacks like those we have seen against our financial organizations.

Malware is malicious software intended to cause harm. It usually refers to viruses, worms, trojans, or other forms of malicious code used to compromise the integrity of the target system with the intent to disrupt systems, spy on users and steal their credentials and/or identity, or take control of the system. Systems can be infected in multiple ways, including physical contact such as sharing files on portable storage media such as CDs or flash drives. However, today malware more commonly arrives in electronic mail messages, either in an infected file attached to the email or through a Web link within the message. Malware can also be embedded in a downloaded file such as a jpg or a music file. In addition, malware can enter through an open network connection without any human intervention, due to poor configuration or the lack of security patching processes. Once infected, the end system is under the command and control of the criminal organization to conduct illicit activities.

The trend and sophistication of attacks using botnets has been increasing, and recently these attacks have been taking the form of DDoS attacks. There are several reasons for the increase in the number and sophistication of the attacks, namely the emergence of crime as a service (CaaS) and hacktivism. CaaS has emerged as a threat due to the growth in low-cost, highly available attack software that gives novice hackers the ability to unleash attacks.
Secondly, hacktivism is the use of cyber attacks to make political or social statements, like those we have recently seen emanating from the Cyber Fighters of Izz ad-Din al-Qassam (Cyber Fighters), Anonymous or the Occupy movement. Recent data shows that nearly 51% of observed attack traffic has originated in the Asia Pacific region, while just over 23% has originated in North and South America. Targets of recent DDoS activity include U.S. Bancorp, JPMorgan Chase, Bank of America, PNC Financial Services Group, SunTrust, HSBC, Ally Bank, BB&T, Wells Fargo and Capital One. However, a recent announcement by the Cyber Fighters indicates that they are going to be targeting regional and community banks.

The methodology evidenced during recent attacks is that virtual private servers have been compromised, with a per-node attack rate that is one hundred times greater than the normal bot. In addition, the command and control of the botnet is much tighter and able to modify attack methods and shift between targets in as little as twenty minutes, whereas it used to take hours or days. Some interesting examples of recent DDoS attacks using botnets are as follows:

Case #1: The London Olympics was the target of DDoS attacks from 25 July through 9 September. The first significant attack occurred five hours prior to the opening ceremony and used twenty-three different attack vectors, with 234M requests over an hour and twenty minute period. The second significant event took place during the first full day of competition, and over a twelve hour period there were 5.6B requests.

Case #2: A large East Coast financial services company was targeted during Hurricane Sandy; DNS requests peaked at 158K per second and totaled 19B in five days, compared to 30M hits per week.

Case #3: A leading US financial institution (FI) with millions of customers was the target of a massive DDoS attack with peak attack traffic of 30 Gbps, which is 30 times the normal daily high traffic volume. Because of mitigating controls in place, the attack was unsuccessful and the attackers gave up after fifteen minutes. Then, twenty-five minutes later, another large US-based FI underwent a DDoS attack with a peak attack traffic volume of 8,491 MBit/sec and a duration of approximately two hours and forty minutes. Despite existing mitigating controls, there was a degradation of service.

In conclusion, the use and sophistication of botnets is increasing, and recent trends indicate this type of activity will continue to increase. Lessons learned include that, after a short probe of defenses, the attacks begin in earnest and can last from minutes up to several days. Current attack methodologies are against Layer 7 of the protocol stack and attack SSL, as opposed to the old attack methods that targeted Layer 4. Organizations need to develop and implement appropriate business continuity plans, including preparing for dramatic increases of inbound network traffic, develop and implement incident response plans, and consider engaging service providers that specialize in real-time monitoring and DDoS mitigation services.
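
The monitoring recommended in the conclusion can start from a rate check against a learned baseline that separates the short probe from the sustained flood. The following Python example is an addition to the paper, not the author's own code; the function names, thresholds and per-second request counts are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Incident:
    start: int         # index of the first anomalous sample
    end: int           # index of the last anomalous sample
    peak_ratio: float  # highest rate seen, as a multiple of the baseline

def detect_surges(rates, warmup=5, alpha=0.2, threshold=5.0, quiet=3):
    """Flag runs of samples whose rate is >= threshold x an EWMA baseline.

    rates: per-interval request counts (for example DNS queries per second).
    The baseline is updated only from normal samples, so a long flood
    cannot drag the baseline up and hide itself. An incident is closed
    after `quiet` consecutive normal samples.
    """
    if len(rates) <= warmup:
        return []
    baseline = sum(rates[:warmup]) / warmup
    incidents, current, calm = [], None, 0
    for i in range(warmup, len(rates)):
        ratio = rates[i] / max(baseline, 1.0)  # floor avoids division by zero
        if ratio >= threshold:
            if current is None:
                current = Incident(i, i, ratio)
            current.end = i
            current.peak_ratio = max(current.peak_ratio, ratio)
            calm = 0
        else:
            baseline = alpha * rates[i] + (1 - alpha) * baseline
            if current is not None:
                calm += 1
                if calm >= quiet:
                    incidents.append(current)
                    current, calm = None, 0
    if current is not None:
        incidents.append(current)  # flood still running at end of data
    return incidents

def classify(incident, probe_max_len=3):
    """Short bursts resemble the probe of defenses the paper describes."""
    length = incident.end - incident.start + 1
    return "probe" if length <= probe_max_len else "sustained"

# Constructed sample: ~1000 req/s normal load, a 2-sample probe, then a ~30x flood.
SAMPLE = [1000, 1050, 980, 1020, 990, 1010, 6000, 6500, 1000, 1020, 990, 1005,
          30000, 31000, 29500, 30500, 30000, 1010, 1000, 995]
```

On the constructed sample, `detect_surges(SAMPLE)` returns two incidents: a two-sample probe and a five-sample flood peaking at roughly 30 times the baseline.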

