Your SlideShare is downloading. ×
introduction to Botnet
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

introduction to Botnet

259
views

Published on

a brief description about bot nets and working of Bots

a brief description about bot nets and working of Bots

Published in: Engineering, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
259
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. PRESENTATION ON BOTNET
  • 2. OUTLINE Introduction to Botnet  Botnet Life-cycle  Botnet in Network Security  Botnet Uses  Botnet Detection  Preventing Botnet Infection  Botnet Research  Conclusion
  • 3. INTRODUCTION  A Botnet is a network of compromised computers under the control of a remote attacker  controller of a botnet is able to direct the activities of these compromised computers  Botnet Terminology  Bot Herder (Bot Master)  Bot  Bot Client  IRC Server  Command and Control Channel (C&C)
  • 4. INTRODUCTION TO BOTNET(TERMINOLOGY) IRC Channel IRC Server Code Server IRC Channel C&C Traffic Updates Victim Attack Bot Master
  • 5. BOTNET LIFE-CYCLE
  • 6. BOTNET LIFE-CYCLE
  • 7. BOTNET LIFE-CYCLE
  • 8. BOTNET LIFE-CYCLE
  • 9. BOTNET IN NETWORK SECURITY  Internet users are getting infected by bots  Many times corporate and end users are trapped in botnet attacks  Today 16-25% of the computers connected to the internet are members of a botnet  In this network bots are located in various locations  It will become difficult to track illegal activities  This behavior makes botnet an attractive tool for intruders and increase threat against network security
  • 10. BOTNET IS USED FOR- Bot MasterMoney
  • 11. HOW BOTNET IS USED?? Distributed Denial of Service (DDoS) attacks  Sending Spams  Phishing  Addware  Spyware  Click Fraud
  • 12. BOTNET DETECTION Two approaches for botnet detection based on  Setting up honeynets  Passive traffic monitoring  Signature based  Anomaly based  DNS based
  • 13. BOTNET DETECTION:SETTING UP HONEYNETS Windows Honey pot  Honeywall Responsibilities: DNS/IP-address of IRC server and port number (optional) password to connect to IRC-server Nickname of bot Channel to join and (optional) channel-password
  • 14. BOTNET DETECTION:SETTING UP HONEYNETS Bot 1. Malicious Traffic Sensor 3. Authorize 2. Inform bot’s IP Bot Master
  • 15. BOTNET DETECTION:TRAFFIC MONITORING Signature based: Detection of known botnets  Anomaly based: Detect botnet using following anomalies  High network latency  High volume of traffic  Traffic on unusual port  Unusual system behaviour  DNS based: Analysis of DNS traffic generated by botnets
  • 16. BOTNET DETECTION  Determining the source of a botnet-based attack is challenging:  Traditional approach: Every zombie host is an attacker Botnets can exist in a benign state for an arbitrary amount of time before they are used for a specific attack  New trend: P2P networks
  • 17. PREVENTING BOTNET INFECTIONS Use a Firewall  Use Antivirus (AV) software  Deploy an Intrusion Prevention System (IPS)  Define a Security Policy and  Share Policies with your users systematically
  • 18. CONCLUSION  Botnets pose a significant and growing threat against cyber security  It provides key platform for many cyber crimes (DDOS)  As network security has become integral part of our life and botnets have become the most serious threat to it  It is very important to detect botnet attack and find the solution for it