Your SlideShare is downloading. ×
0
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
introduction to Botnet
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

introduction to Botnet

324

Published on

a brief description about bot nets and working of Bots

a brief description about bot nets and working of Bots

Published in: Engineering, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
324
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
23
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  1. PRESENTATION ON BOTNET
  2. OUTLINE Introduction to Botnet  Botnet Life-cycle  Botnet in Network Security  Botnet Uses  Botnet Detection  Preventing Botnet Infection  Botnet Research  Conclusion
  3. INTRODUCTION  A Botnet is a network of compromised computers under the control of a remote attacker  controller of a botnet is able to direct the activities of these compromised computers  Botnet Terminology  Bot Herder (Bot Master)  Bot  Bot Client  IRC Server  Command and Control Channel (C&C)
  4. INTRODUCTION TO BOTNET(TERMINOLOGY) IRC Channel IRC Server Code Server IRC Channel C&C Traffic Updates Victim Attack Bot Master
  5. BOTNET LIFE-CYCLE
  6. BOTNET LIFE-CYCLE
  7. BOTNET LIFE-CYCLE
  8. BOTNET LIFE-CYCLE
  9. BOTNET IN NETWORK SECURITY  Internet users are getting infected by bots  Many times corporate and end users are trapped in botnet attacks  Today 16-25% of the computers connected to the internet are members of a botnet  In this network bots are located in various locations  It will become difficult to track illegal activities  This behavior makes botnet an attractive tool for intruders and increase threat against network security
  10. BOTNET IS USED FOR- Bot MasterMoney
  11. HOW BOTNET IS USED?? Distributed Denial of Service (DDoS) attacks  Sending Spams  Phishing  Addware  Spyware  Click Fraud
  12. BOTNET DETECTION Two approaches for botnet detection based on  Setting up honeynets  Passive traffic monitoring  Signature based  Anomaly based  DNS based
  13. BOTNET DETECTION:SETTING UP HONEYNETS Windows Honey pot  Honeywall Responsibilities: DNS/IP-address of IRC server and port number (optional) password to connect to IRC-server Nickname of bot Channel to join and (optional) channel-password
  14. BOTNET DETECTION:SETTING UP HONEYNETS Bot 1. Malicious Traffic Sensor 3. Authorize 2. Inform bot’s IP Bot Master
  15. BOTNET DETECTION:TRAFFIC MONITORING Signature based: Detection of known botnets  Anomaly based: Detect botnet using following anomalies  High network latency  High volume of traffic  Traffic on unusual port  Unusual system behaviour  DNS based: Analysis of DNS traffic generated by botnets
  16. BOTNET DETECTION  Determining the source of a botnet-based attack is challenging:  Traditional approach: Every zombie host is an attacker Botnets can exist in a benign state for an arbitrary amount of time before they are used for a specific attack  New trend: P2P networks
  17. PREVENTING BOTNET INFECTIONS Use a Firewall  Use Antivirus (AV) software  Deploy an Intrusion Prevention System (IPS)  Define a Security Policy and  Share Policies with your users systematically
  18. CONCLUSION  Botnets pose a significant and growing threat against cyber security  It provides key platform for many cyber crimes (DDOS)  As network security has become integral part of our life and botnets have become the most serious threat to it  It is very important to detect botnet attack and find the solution for it

×