Transcript of "Botnet"

  1. PRESENTATION ON BOTNET
       Priyanka Harjai
  2. OUTLINE
       • Introduction to Botnet
       • Botnet Life-cycle
       • Botnet in Network Security
       • Botnet Uses
       • Botnet Detection
       • Preventing Botnet Infection
       • Botnet Research
       • Conclusion
  3. INTRODUCTION
       • A botnet is a network of compromised computers under the control of a remote attacker
       • The controller of a botnet is able to direct the activities of these compromised computers
       • Botnet terminology:
           • Bot Herder (Bot Master)
           • Bot
           • Bot Client
           • IRC Server
           • Command and Control Channel (C&C)
  4. INTRODUCTION TO BOTNET (TERMINOLOGY)
       [Diagram; labels: IRC Server, IRC Channel, Code Server, Bot Master, IRC Channel, C&C Traffic, Updates, Attack, Victim]
  5. BOTNET LIFE-CYCLE
  6. BOTNET LIFE-CYCLE
  7. BOTNET LIFE-CYCLE
  8. BOTNET LIFE-CYCLE
  9. BOTNET IN NETWORK SECURITY
       • Internet users are getting infected by bots
       • Many times corporate and end users are trapped in botnet attacks
       • Today 16-25% of the computers connected to the internet are members of a botnet
       • In this network, bots are located in various locations
       • It will become difficult to track illegal activities
       • This behavior makes botnets an attractive tool for intruders and increases the threat to network security
  10. BOTNET IS USED FOR
       [Diagram; labels: Money, Bot Master]
  11. HOW IS A BOTNET USED?
       • Distributed Denial of Service (DDoS) attacks
       • Sending spam
       • Phishing
       • Adware
       • Spyware
       • Click fraud
  12. BOTNET DETECTION
       Two approaches for botnet detection, based on:
       • Setting up honeynets
       • Passive traffic monitoring
           • Signature based
           • Anomaly based
           • DNS based
  13. BOTNET DETECTION: SETTING UP HONEYNETS
       • Windows honeypot
       • Honeywall responsibilities:
           • DNS/IP address of the IRC server and port number
           • (optional) password to connect to the IRC server
           • Nickname of the bot
           • Channel to join and (optional) channel password
  14. BOTNET DETECTION: SETTING UP HONEYNETS
       [Diagram; labels: Bot, Sensor, Bot Master; steps: 1. Malicious Traffic, 2. Inform bot's IP, 3. Authorize]
  15. BOTNET DETECTION: TRAFFIC MONITORING
       • Signature based: detection of known botnets
       • Anomaly based: detect botnets using the following anomalies
           • High network latency
           • High volume of traffic
           • Traffic on unusual ports
           • Unusual system behaviour
       • DNS based: analysis of DNS traffic generated by botnets
  16. BOTNET DETECTION
       Determining the source of a botnet-based attack is challenging:
       • Traditional approach: every zombie host is an attacker
       • Botnets can exist in a benign state for an arbitrary amount of time before they are used for a specific attack
       • New trend: P2P networks
  17. PREVENTING BOTNET INFECTIONS
       • Use a firewall
       • Use antivirus (AV) software
       • Deploy an Intrusion Prevention System (IPS)
       • Define a security policy and share policies with your users systematically
  18. CONCLUSION
       • Botnets pose a significant and growing threat against cyber security
       • They provide a key platform for many cyber crimes (DDoS)
       • Network security has become an integral part of our life, and botnets have become the most serious threat to it
       • It is very important to detect botnet attacks and find a solution for them
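
Slide 13 lists the C&C details a honeynet is set up to capture: IRC server address and port, server password, bot nickname, and channel with optional channel password. As an added example (not part of the presentation), this Python sketch pulls those fields out of a bot's logged IRC traffic; the session layout, the `C2Profile` record and all sample values are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample: client-to-server IRC lines as a honeywall might log them.
# 203.0.113.10 is a documentation (TEST-NET-3) address; every value is made up.
SAMPLE_SESSION = {
    "dst": ("203.0.113.10", 6667),
    "lines": [
        "PASS s3cret\r\n",
        "NICK bot-4821\r\n",
        "USER a a a :a\r\n",
        "JOIN #ctl,#upd chankey\r\n",
        "PRIVMSG #ctl :ready\r\n",
    ],
}

@dataclass
class C2Profile:                      # hypothetical record, one per observed bot
    server: str
    port: int
    server_password: Optional[str] = None
    nickname: Optional[str] = None
    channels: dict = field(default_factory=dict)   # channel -> key or None

def parse_irc_line(line):
    """Split one IRC message into (COMMAND, params) using RFC 1459 framing."""
    line = line.rstrip("\r\n")
    if line.startswith(":"):          # optional sender prefix: drop it
        line = line.partition(" ")[2]
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if not parts:
        return "", []
    return parts[0].upper(), parts[1:] + ([trailing] if sep else [])

def extract_c2(session):
    """Collect the slide-13 fields from one logged bot-to-server session."""
    host, port = session["dst"]
    prof = C2Profile(server=host, port=port)
    for raw in session["lines"]:
        cmd, params = parse_irc_line(raw)
        if cmd == "PASS" and params:
            prof.server_password = params[0]
        elif cmd == "NICK" and params:
            prof.nickname = params[0]
        elif cmd == "JOIN" and params:   # JOIN <chan>{,<chan>} [<key>{,<key>}]
            keys = params[1].split(",") if len(params) > 1 else []
            for i, chan in enumerate(params[0].split(",")):
                prof.channels[chan] = keys[i] if i < len(keys) else None
    return prof
```

The resulting profile is what an analyst would hand to blocklists or DNS monitoring: the server endpoint for network filtering and the nickname and channel names as signatures for the traffic-monitoring approaches on slide 15.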