A STUDY ON BOTNET ARCHITECTURE
Seminar Guide: SHIBU V.S, Asst. Professor
By: BINI B.S, M1, CSE

Published in: Education, Technology
Study on Botnet Architecture

  1. A STUDY ON BOTNET ARCHITECTURE. Seminar Guide: SHIBU V.S, Asst. Professor. By: BINI B.S, M1, CSE
  2. Overview
     • Introduction
     • How Botnet Works
     • Botnet Life Cycle
     • Botnet Architecture
       - Centralized Botnet Architecture
       - Peer to Peer Botnet Architecture (P2P)
       - Hybrid Botnet Architecture
       - Hyper Text Transfer Protocol with Peer to Peer (HttP2P) Botnet Architecture
       - Self-healing System Architecture
     • Conclusion
     • References
  3. Introduction
     • A BOTNET, or Robot Network, is the biggest network security threat faced by home users, organizations, and governments.
     • A “BOTNET” is a network of compromised computers (“bots”) connected to the Internet that is controlled by a remote attacker (“botmaster”).
     • Created by intelligent and up-to-date hackers.
  5. Botnet Life Cycle
     • Once a botnet infects a computer, the bot usually steals something such as personal information, authentication credentials or credit card data.
     • The machine then becomes part of the botnet, ready to perform designated malicious tasks.
     • Common functions in most botnets include DDoS attacks, click fraud, spam, phishing, etc.
  6. Botnet Life Cycle (figure not reproduced)
  7. Botnet Architecture
     • Different types of BOTNET architectures:
       i. Centralized Botnet Architecture.
       ii. Peer to Peer Botnet Architecture (P2P).
       iii. Hybrid Botnet Architecture.
       iv. Hyper Text Transfer Protocol with Peer to Peer Botnet Architecture.
  8. I. Centralized Botnet Architecture
     • Oldest architecture, and the easiest one for managing and controlling botnets.
     • All the zombie computers are supervised from a central point, which makes them easy to manage.
     • The disadvantage: the entire botnet can be shut down if the defender captures the C&C server.
     • Examples: AgoBot, SDBot, SpyBot, GTBot, etc.
  10. II. Peer to Peer Botnet Architecture
     • Used to remove the drawbacks of the centralized architecture.
     • A P2P-based network is much harder to shut down.
     • In this architecture a node can act as a client (soldier bot) as well as a server (supervisor bot), and there is no centralized point such as a C&C server.
     • Examples: Phatbot and Peacomm.
  12. III. Hybrid Botnet Architecture
     • It is harder to shut down, monitor, and hijack.
     • A botmaster could easily monitor the entire botnet by issuing a report command, and make the bots harder to detect.
  14. IV. Hyper Text Transfer Protocol with Peer to Peer
     • The Supervisor-Bot enciphers the message.
     • It continuously searches for a Soldier-Bot and, when one is found, delivers the message to it.
     • The Soldier-Bot does not contact the Supervisor-Bot dynamically; rather, it waits for a call from its supervisor.
  15. Self-healing System Architecture
     • The concept is inspired by the way organisms adapt to their environment by developing immunity against harmful viruses, bacteria and toxins.
     • It is based on a study of two HTTP-based botnets, Zeus and Black energy, and two P2P botnets, Waledac and Storm.
  16. Self-healing System Architecture (cont.)
     • It enables networked systems to look continuously for any alteration of “normal behavior” and apply appropriate corrective actions.
     • It can recognize when it is not operating correctly and, with little or no human intervention occurs.
  17. V. Self-healing System Architecture (cont.)
     • It is optimized for a domain-controlled network that connects to a large geographic region.
     • Its main application is as a defense-in-depth security solution for domain-controlled enterprise networks.
  18. Self-healing System Architecture (figure not reproduced)
  19. Conclusion
     • Botnets have a direct influence on the number of cybercrimes committed. We have to be well prepared for future botnets. It is an ongoing war between botnet attacks and defenses.
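
A small model of the takedown trade-off described in slides 8 and 10, added here as an example and not taken from the slides. Node 0 of the star stands for the C&C server, and the ring-shaped peer mesh is an assumed simplification of a P2P overlay; the function and parameter names are hypothetical. It measures how many nodes can still reach one another after a defender seizes the best-connected nodes.

```python
from collections import deque

def star(n):
    """Centralized model: node 0 is the C&C server, nodes 1..n-1 are bots."""
    g = {i: set() for i in range(n)}
    for i in range(1, n):
        g[0].add(i)
        g[i].add(0)
    return g

def ring_mesh(n, k=2):
    """P2P model (assumed shape): every node peers with k neighbours on each side."""
    g = {i: set() for i in range(n)}
    for i in range(n):
        for d in range(1, k + 1):
            g[i].add((i + d) % n)
            g[(i + d) % n].add(i)
    return g

def largest_group_after_seizure(g, seized):
    """Largest set of nodes still able to reach each other once `seized` is removed."""
    alive = set(g) - set(seized)
    seen, best = set(), 0
    for start in alive:
        if start in seen:
            continue
        seen.add(start)
        queue, size = deque([start]), 0
        while queue:
            node = queue.popleft()
            size += 1
            for peer in g[node]:
                if peer in alive and peer not in seen:
                    seen.add(peer)
                    queue.append(peer)
        best = max(best, size)
    return best

def most_connected(g, count):
    """Defender's targeting heuristic: the `count` highest-degree nodes."""
    return sorted(g, key=lambda n: (-len(g[n]), n))[:count]

if __name__ == "__main__":
    # Constructed 50-node topologies; sizes are illustrative only.
    for name, g in (("centralized", star(50)), ("p2p", ring_mesh(50))):
        for count in (1, 2, 4):
            left = largest_group_after_seizure(g, most_connected(g, count))
            print(f"{name:11s} seize {count}: largest surviving group = {left}")
```

In the star, seizing node 0 leaves every bot isolated, while the mesh stays in one piece until nodes are removed at two separate places on the ring.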
