BOTNET
DETECTION
Presented By: Rubal Sagwal
Cyber Security
NIT, Kurukshetra
Motivation
• Botnets are one of the most severe cybersecurity threats faced by everyone today.
• Botnets have been the main vehicle for many of the cybercrimes reported in recent news.
• Up to 80% of Internet traffic has consisted of botnet traffic related to spam e-mails originating from known botnets such as Grum, Cutwail and Rustock. Currently, a large-scale botnet can comprise more than one million PCs launching cyber attacks.
• The FBI reported in 2013 that 10 international hackers were arrested for using botnets to steal more than $850 million through a group of compromised computers; they used people's personal financial information to steal that amount.
• Online social networks (OSNs) are even more vulnerable to social bots.
Table of Contents
1. Introduction
2. Types of attack
3. Most wanted bots
4. Life cycle of bots
5. Botnet topologies
6. Social bots
7. Types of social bot attack
8. Defensive technique
9. Conclusion
10. Future work
Background
Introduction – Types of Attacks – Most wanted Bots
INTRODUCTION
• A botnet is a network of compromised computers, called zombie computers or bots, under the control of a remote attacker.
• Botnets are a large collection of geographically separate compromised machines that act as proxies to hide the actual location of the host.
• Botnets are one of the most significant threats to cybersecurity, as they are considered a launching pad for a number of illegal activities such as distributed denial of service (DDoS), click fraud, phishing, identity theft, spamming and malware distribution.
• A social botnet refers to a group of social bots under the control of a single bot-master, which work together to conduct malicious behavior while mimicking (copying) the interactions among normal OSN users to reduce their individual risk of being detected.
Types of Attack
• Distributed Denial of Service (DDoS) attacks
• Sending spam, viruses, spyware
• Phishing
• Stealing
• Click fraud
Most Wanted Bots
• Zeus: compromised 3.6 million U.S. computers.
• Koobface: compromised 2.9 million U.S. computers.
• TidServ: compromised 1.5 million U.S. computers.
• Trojan.Fakeavalert: compromised 1.4 million U.S. computers.
• R/Dldr.Agent.JKH: compromised 1.2 million U.S. computers.
Components of Botnet
Botmaster – C & C Server – Bot-Machine
[Figure labels: Internet, Bot Master, C & C Server, Bot Machine / Robot, Victim Machine]
Bot-Master
• The bot master is the person who operates the command and control of a botnet for remote process execution.
• The bot master can control the infected machines and send commands without communicating with them directly.
• Moreover, botnet owners attempt to hide their communication with the bots to block any deployed botnet detection processes.
• The attackers or bot masters use DNS services to hide their command and control (C&C) IP address, making the botnet reliable and easy to migrate from one server to another without being noticed.
Bot-Computer
• A bot-computer is a computer connected to the Internet that has been compromised by a hacker, computer virus or Trojan horse and may be used to perform malicious tasks of one sort or another under remote direction.
• Botnets of bot-computers are often used to spread spam e-mail and launch denial-of-service attacks.
• A bot is a malicious program that performs various actions at a cybercriminal's command.
Command and Control Server
• A command and control (C & C) server is a server used by cybercriminals (the bot-master) to send orders to bots and to receive reports from them.
• C & C servers may either be controlled directly by the malware operators or themselves run on hardware compromised by malware.
Botnet Life Cycle
[Figure labels: Victim Machine, Bot Computer, C & C Server, Bot Master]
Botnet Topologies
1. STAR TOPOLOGY 2. HIERARCHICAL TOPOLOGY 3. P2P TOPOLOGY
SOCIAL
BOTNET
Social Botnet
• A social botnet refers to a group of social bots under the control of a single bot-master, which work together to conduct malicious behavior while mimicking (copying) the interactions among normal OSN users to reduce their individual risk of being detected.
• For example, social bots on Twitter can follow others and retweet/answer others' tweets. Since a skewed following/followers (FF) ratio is a typical feature for social bots on Twitter, maintaining a balanced FF ratio in the social botnet.
• Creating a social botnet is also fairly easy due to the open APIs published by OSN providers.
Security Threats
• A social bot can pollute the targeted OSN with a large number of non-genuine social relationships.
• Second, once a social bot infiltrates a targeted OSN, it can exploit its new position in the network to spread misinformation in an attempt to bias public opinion, e.g., the Koobface botnet.
• It can also harvest private user data such as email addresses, phone numbers, and other personally identifiable information that has monetary value.
OSN Vulnerabilities
• Ineffective CAPTCHA
• Sybil accounts and fake profiles
• Exploitable platforms and APIs
[Figure: The Social-bot Network [4]. Labels: Bot Master, C & C channel, C & C Server, Online Social Network, Social Bots]
Social-Bot
• A social bot is a type of bot that controls a social media account. Like all bots, a social bot is automated software. The exact way a social bot replicates depends on the social network, but unlike a regular bot, a social bot spreads by convincing other users that it is a real person.
• A social bot is also known as a social networking bot or socialbot.
• A social bot consists of two main components:
> A profile on a targeted OSN (the face), and
> The social bot software (the brain)
• We require the social bot to support two types of generic operations in any given OSN:
(1) social-interaction operations that are used to read and write social content.
(2) social-structure operations that are used to alter the social graph.
Types of Social Botnet Attack
1. Hashtag hijacking
2. Trend-jacking/watering hole
3. Spray and pray
4. Retweet storm
5. Click/Like Farming
Why OSN?
• A social bot can pollute the targeted OSN with a large number of non-genuine social relationships.
• Second, once a social bot infiltrates a targeted OSN, it can exploit its new position in the network to spread misinformation in an attempt to bias public opinion, e.g., the Koobface botnet.
• It can also harvest private user data such as email addresses, phone numbers, and other personally identifiable information that has monetary value.
• OSNs allow users to share user-generated content in a fast and simple way (e.g., there is no need for additional hosting or authoring tools).
• They support user-to-user real-time interaction, as well as asynchronous conversations through messages and comments.
• Web development techniques, such as the Asynchronous JavaScript and XML (AJAX) method, permit many OSNs to be very interactive, even providing real-time features.
• Many OSNs can be accessed via ad-hoc client interfaces specifically made for tablets, handheld devices and gaming consoles, making the service available everywhere.
• As a consequence of solid mobility support, OSNs also offer localization services.
• Unintentional disclosure of personal information.
• Mobile devices are widely used to access OSNs, e.g., via IEEE 802.11 air interfaces. Weak security settings for exchanging data then introduce additional risks (e.g., the use of HTTP instead of the Secure Hyper Text Transfer Protocol).
• Third-party Web applications can access user profiles, turning the OSN into an effective attack platform.
• Therefore, the investigation of privacy and security aspects of OSNs is a mandatory action to guarantee their safe and successful utilization.
Are Social Bots Common?
• Bots are actually more common than you might think.
Botnet Detection Technique
1. ANALYSIS BASED TECHNIQUE[6]
[Flow diagram boxes, in the order they appear on the slide:]
• User's wall post
• Dragged user's wall post
• Filter user's post without URL
• Cluster users based on URL and post
• Identify malicious user
• Analyze user social bot with fast flux network
2. SUPERVISED LEARNING[3]
• Most existing work on detecting misbehaving identities in social networks leverages supervised learning techniques.
• One approach deploys honeypots in OSNs to attract spam, trains a machine learning (ML) classifier over the captured spam, and then detects new spam using the classifier.
• Another creates statistical behavioral profiles for Twitter users, trains a statistical model with a small manually labeled dataset of both benign and misbehaving users, and then uses it to detect compromised identities in Twitter.
• When working with large crowdsourcing systems, supervised learning approaches have inherent limitations. Specifically, they are attack-specific and vulnerable to adaptive attacker strategies.
• Given the adaptability of attacker strategies, to maintain efficacy, supervised learning approaches require labeling, training, and classification to be done periodically.
3. DEFENSE AGAINST BOTNET-BASED SPAM DISTRIBUTION[3]
• To defend against this attack, the authors propose to track each user's history of participating in spam distribution and suspend a user if his accumulated suspicious behaviors exceed some threshold.
• Specifically, for each user v we maintain a spam score s_v, which is updated every time user v retweets a spam. Once s_v exceeds a predefined threshold, user v is labeled as a spammer and suspended.
• The closer a user is to the spam source, the more likely he is a member of the social botnet. The reason is that a social botnet usually prefers shorter retweeting paths for fast spam dissemination.
• Once a user's spam score exceeds a certain predetermined threshold, the user is suspended.
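A minimal sketch of the spam-score defense described above, added here as an illustration; it is not code from the slides or from the cited paper. The 1/hops weighting, the threshold value and all account names are assumptions, and the retweet cascades are constructed sample data.

```python
from collections import defaultdict, deque


def hop_distances(source, retweets):
    """Return {user: hops from the spam source} for one retweet cascade.

    retweets is an iterable of (retweeter, retweeted_from) pairs.
    Users not reachable from the source are left out of the result.
    """
    children = defaultdict(list)
    for retweeter, parent in retweets:
        children[parent].append(retweeter)
    hops = {source: 0}
    queue = deque([source])
    while queue:
        user = queue.popleft()
        for child in children[user]:
            if child not in hops:          # keep the shortest path only
                hops[child] = hops[user] + 1
                queue.append(child)
    return hops


class SpamScoreTracker:
    """Keeps a spam score s_v per user and suspends users above a threshold."""

    def __init__(self, threshold=1.5):     # threshold value is an assumption
        self.threshold = threshold
        self.scores = defaultdict(float)
        self.suspended = set()

    def record_cascade(self, source, retweets):
        """Update scores for one confirmed spam cascade; return new suspensions."""
        newly_suspended = []
        hops = hop_distances(source, retweets)
        for user, h in sorted(hops.items(), key=lambda kv: (kv[1], kv[0])):
            if h == 0 or user in self.suspended:
                continue                    # only retweeters are scored
            # Assumed weighting: retweeters closer to the source gain more.
            self.scores[user] += 1.0 / h
            if self.scores[user] > self.threshold:
                self.suspended.add(user)
                newly_suspended.append(user)
        return newly_suspended


def run_demo():
    """Feed three constructed spam cascades through the tracker."""
    tracker = SpamScoreTracker(threshold=1.5)
    cascades = [
        ("spam_src_1", [("bot_a", "spam_src_1"), ("bot_b", "bot_a"),
                        ("alice", "bot_b")]),
        ("spam_src_2", [("bot_b", "spam_src_2"), ("bot_a", "bot_b"),
                        ("carol", "bot_a")]),
        # ("dave", "ghost") is not connected to the source and is ignored.
        ("spam_src_3", [("bot_a", "spam_src_3"), ("bot_b", "spam_src_3"),
                        ("alice", "bot_a"), ("dave", "ghost")]),
    ]
    for source, retweets in cascades:
        tracker.record_cascade(source, retweets)
    return tracker


if __name__ == "__main__":
    t = run_demo()
    for user in sorted(t.scores):
        state = "SUSPENDED" if user in t.suspended else "ok"
        print(f"{user:8s} s_v={t.scores[user]:.2f} {state}")
```

The benign users who retweet once or twice far from the source stay well below the threshold, while the accounts that repeatedly sit next to a spam source cross it.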
Open Issues
• There are no methods which can accurately estimate the size of a botnet.
• Researchers have access to only a very small amount of data for their work, and they have to sign a separate agreement for each domain to use that data.
• The use of many detection approaches, such as honeypots, is also restricted because of conflicts between IT laws for data protection and securing IT services from illegal intrusion.
• Because researchers manage to obtain only a very small amount of real data traces, it is very challenging to verify their work on large data sets.
Related Work
• The social botnet has received attention only recently. Some works showed that a social botnet is very effective in connecting to many random or targeted Facebook users (i.e., large-scale infiltration).
• Other work shows how spammers become smarter at embedding themselves into OSNs. There is a rich literature on spam detection in OSNs.
• One line of work considers independent spam bots and comes up with different methods to characterize and identify them.
• Other work focuses on characterizing and detecting organized spam campaigns launched by an army of spam bots. Moreover, spam bots are evolving towards more intelligence.
Conclusion and Future Work
• Botnets have played an important role as a major security threat on the Internet. It is estimated that over 80% of spam messages originate from these overlay networks.
• The first necessary step towards combating botnet threats is developing efficient detection techniques.
• From a computer security perspective, the concept of social bots is both interesting and disturbing: the threat is no longer from a human controlling or monitoring a computer, but from exactly the opposite.
• As future work, we will first extend our studies to OSNs such as Facebook, Google+ and Twitter.
• We will also investigate other attacks that can be enabled or facilitated by the social botnet, so as to raise the awareness of OSN users and also help OSNs improve their misbehavior detection systems.
Contd…
• In addition, we plan to explore three lines of countermeasures against our attacks.
• The first line is inspired by the observation that the amount of communication from a legitimate OSN user to a social bot is usually far less than that in the opposite direction.
• Another possible defense is to detect malicious applications registered by the bot-master at OSNs.
• In practice, a large-scale social botnet often involves allocating the access privileges of individual bots to the applications the bot-master develops based on the OSN's open APIs and registers with the OSN.
These observations can help design effective and efficient algorithms for OSNs to identify malicious botnet applications.
REFERENCES
1. Sergio S.C. Silva, Rodrigo M.P. Silva, Raquel C.G. Pinto, Ronaldo M. Salles. "Botnet: A Survey." Computer Networks, Volume 57, Issue 2, 4 February 2013, Pages 178-403.
2. Alieyan, Kamal, Ammar ALmomani, Ahmad Manasrah, and Mohammed M. Kadhum. "A survey of botnet detection based on DNS." Neural Computing and Applications (2015), Pages 1-18.
3. Caviglione, Luca, Mauro Coccoli, and Alessio Merlo. "A taxonomy-based model of security and privacy in online social networks." International Journal of Computational Science and Engineering 9, no. 4 (2014): 325-338.
4. Zhang, Jinxue, et al. "The rise of social botnets: Attacks and countermeasures." IEEE Transactions on Dependable and Secure Computing (2016).
5. Boshmaf, Yazan, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. "The socialbot network: when bots socialize for fame and money." In Proceedings of the 27th Annual Computer Security Applications Conference, pp. 93-102. ACM, 2011.
6. Tyagi, Amit Kumar, and G. Aghila. "Detection of fast flux network based social bot using analysis based techniques." Data Science & Engineering (ICDSE), 2012 International Conference on. IEEE, (2012), pp. 23-26.
7. Boshmaf, Yazan, et al. "Design and analysis of a social botnet." Computer Networks 57.2 (2013), Pages 556-578.
8. Do-evil-the-business-of-social-media-bots. http://www.forbes.com/sites/lutzfinger/2015/02/17/do-evil-the-business-of-social-media-bots/#34bae4351104
9. The-rise-of-social-media-botnets. http://www.darkreading.com/attacks-breaches/the-rise-of-social-media-botnets/a/d-id/1321177
10. kaspersky-ddos-intelligence-report-for-q3-2016. https://securelist.com/analysis/quarterly-malware-reports/76464/kaspersky-ddos-intelligence-report-for-q3-2016/
11. botnet-statistics-2017-02-05. http://botnet-tracker.blogspot.in/2017/02/botnet-statistics-2017-02-05.html
12. Socialbot. http://whatis.techtarget.com/definition/socialbot
Thank You!

More Related Content

What's hot

Detecting the presence of cyberbullying using computer software
Detecting the presence of cyberbullying using computer softwareDetecting the presence of cyberbullying using computer software
Detecting the presence of cyberbullying using computer softwareAshish Arora
 
CYBERBULLYING DETECTION USING MACHINE LEARNING-1 (1).pdf
CYBERBULLYING DETECTION USING              MACHINE LEARNING-1 (1).pdfCYBERBULLYING DETECTION USING              MACHINE LEARNING-1 (1).pdf
CYBERBULLYING DETECTION USING MACHINE LEARNING-1 (1).pdfKumbidiGaming
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) securityNahidul Kibria
 
Overview of Artificial Intelligence in Cybersecurity
Overview of Artificial Intelligence in CybersecurityOverview of Artificial Intelligence in Cybersecurity
Overview of Artificial Intelligence in CybersecurityOlivier Busolini
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
DDoS Attack Presentation.pptx
DDoS Attack Presentation.pptxDDoS Attack Presentation.pptx
DDoS Attack Presentation.pptxHusamKhan1
 
Introduction to foot printing
Introduction to foot printingIntroduction to foot printing
Introduction to foot printingCHETAN THAKRE
 
case study on cyber crime
case study on cyber crimecase study on cyber crime
case study on cyber crimeParas Kansagara
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing pptAnushakp9
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptxLakshayNRReddy
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack  PPT by Nitin BishtDDoS Attack  PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtNitin Bisht
 

What's hot (20)

Denial of service
Denial of serviceDenial of service
Denial of service
 
Detecting the presence of cyberbullying using computer software
Detecting the presence of cyberbullying using computer softwareDetecting the presence of cyberbullying using computer software
Detecting the presence of cyberbullying using computer software
 
Botnets
BotnetsBotnets
Botnets
 
CYBERBULLYING DETECTION USING MACHINE LEARNING-1 (1).pdf
CYBERBULLYING DETECTION USING              MACHINE LEARNING-1 (1).pdfCYBERBULLYING DETECTION USING              MACHINE LEARNING-1 (1).pdf
CYBERBULLYING DETECTION USING MACHINE LEARNING-1 (1).pdf
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacks
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) security
 
Overview of Artificial Intelligence in Cybersecurity
Overview of Artificial Intelligence in CybersecurityOverview of Artificial Intelligence in Cybersecurity
Overview of Artificial Intelligence in Cybersecurity
 
Botnets
BotnetsBotnets
Botnets
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
 
DDoS Attack Presentation.pptx
DDoS Attack Presentation.pptxDDoS Attack Presentation.pptx
DDoS Attack Presentation.pptx
 
Introduction to foot printing
Introduction to foot printingIntroduction to foot printing
Introduction to foot printing
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
introduction to Botnet
introduction to Botnetintroduction to Botnet
introduction to Botnet
 
case study on cyber crime
case study on cyber crimecase study on cyber crime
case study on cyber crime
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack Prevention
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing ppt
 
What is botnet?
What is botnet?What is botnet?
What is botnet?
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptx
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack  PPT by Nitin BishtDDoS Attack  PPT by Nitin Bisht
DDoS Attack PPT by Nitin Bisht
 

Similar to Botnet Detection in Online-social Network

Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Aniq Eastrarulkhair
 
Guarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social NetworkGuarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social NetworkEditor IJCATR
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about BotnetNaveen Titare
 
Detecting HTTP Botnet using Artificial Immune System (AIS)
Detecting HTTP Botnet using Artificial Immune System (AIS)Detecting HTTP Botnet using Artificial Immune System (AIS)
Detecting HTTP Botnet using Artificial Immune System (AIS)sadique_ghitm
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zooUltraUploader
 
A Survey of Botnet Detection Techniques
A Survey of Botnet Detection TechniquesA Survey of Botnet Detection Techniques
A Survey of Botnet Detection Techniquesijsrd.com
 
A CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATION
A CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATIONA CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATION
A CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATIONijasa
 
“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”iosrjce
 
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...Aditya K Sood
 
A review botnet detection and suppression in clouds
A review botnet detection and suppression in cloudsA review botnet detection and suppression in clouds
A review botnet detection and suppression in cloudsAlexander Decker
 
Detection of Botnets using Honeypots and P2P Botnets
Detection of Botnets using Honeypots and P2P BotnetsDetection of Botnets using Honeypots and P2P Botnets
Detection of Botnets using Honeypots and P2P BotnetsCSCJournals
 
Tracing Back The Botmaster
Tracing Back The BotmasterTracing Back The Botmaster
Tracing Back The BotmasterIJERA Editor
 
A Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior AnalysisA Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior Analysisidescitation
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...iosrjce
 

Similar to Botnet Detection in Online-social Network (20)

Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1
 
Botnet
BotnetBotnet
Botnet
 
Guarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social NetworkGuarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social Network
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about Botnet
 
Detecting HTTP Botnet using Artificial Immune System (AIS)
Detecting HTTP Botnet using Artificial Immune System (AIS)Detecting HTTP Botnet using Artificial Immune System (AIS)
Detecting HTTP Botnet using Artificial Immune System (AIS)
 
Botnet
BotnetBotnet
Botnet
 
How To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot AttacksHow To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot Attacks
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
 
Botnet Architecture
Botnet ArchitectureBotnet Architecture
Botnet Architecture
 
A Survey of Botnet Detection Techniques
A Survey of Botnet Detection TechniquesA Survey of Botnet Detection Techniques
A Survey of Botnet Detection Techniques
 
A CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATION
A CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATIONA CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATION
A CONCEPTUAL FRAMEWORK OF A DETECTIVE MODEL FOR SOCIAL BOT CLASSIFICATION
 
“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”
 
P01761113118
P01761113118P01761113118
P01761113118
 
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
CrossTalk - The Art of Cyber Bank Robbery - Stealing your Money Through Insid...
 
A review botnet detection and suppression in clouds
A review botnet detection and suppression in cloudsA review botnet detection and suppression in clouds
A review botnet detection and suppression in clouds
 
Detection of Botnets using Honeypots and P2P Botnets
Detection of Botnets using Honeypots and P2P BotnetsDetection of Botnets using Honeypots and P2P Botnets
Detection of Botnets using Honeypots and P2P Botnets
 
Tracing Back The Botmaster
Tracing Back The BotmasterTracing Back The Botmaster
Tracing Back The Botmaster
 
A Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior AnalysisA Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior Analysis
 
L017326972
L017326972L017326972
L017326972
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
 

More from Rubal Sagwal

Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityRubal Sagwal
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization SecurityRubal Sagwal
 
Cloud and Virtualization (Using Virtualization to form Clouds)
Cloud and Virtualization (Using Virtualization to form Clouds)Cloud and Virtualization (Using Virtualization to form Clouds)
Cloud and Virtualization (Using Virtualization to form Clouds)Rubal Sagwal
 
ER Modeling and Introduction to RDBMS
ER Modeling and Introduction to RDBMSER Modeling and Introduction to RDBMS
ER Modeling and Introduction to RDBMSRubal Sagwal
 
Database Models, Client-Server Architecture, Distributed Database and Classif...
Database Models, Client-Server Architecture, Distributed Database and Classif...Database Models, Client-Server Architecture, Distributed Database and Classif...
Database Models, Client-Server Architecture, Distributed Database and Classif...Rubal Sagwal
 
Overview of Data Base Systems Concepts and Architecture
Overview of Data Base Systems Concepts and ArchitectureOverview of Data Base Systems Concepts and Architecture
Overview of Data Base Systems Concepts and ArchitectureRubal Sagwal
 
Practical Implementation of Virtual Machine
Practical Implementation of Virtual MachinePractical Implementation of Virtual Machine
Practical Implementation of Virtual MachineRubal Sagwal
 
Principles of Virtualization - Introduction to Virtualization Software
Principles of Virtualization - Introduction to Virtualization Software Principles of Virtualization - Introduction to Virtualization Software
Principles of Virtualization - Introduction to Virtualization Software Rubal Sagwal
 
Accessing virtualized published applications
Accessing virtualized published applicationsAccessing virtualized published applications
Accessing virtualized published applicationsRubal Sagwal
 
Prepare and Manage Remote Applications through Virtualization
Prepare and Manage Remote Applications through Virtualization      Prepare and Manage Remote Applications through Virtualization
Prepare and Manage Remote Applications through Virtualization Rubal Sagwal
 
Managing Virtual Hard Disk and Virtual Machine Resources
Managing Virtual Hard Disk and Virtual Machine ResourcesManaging Virtual Hard Disk and Virtual Machine Resources
Managing Virtual Hard Disk and Virtual Machine ResourcesRubal Sagwal
 
Configure and Manage Virtualization on different Platforms
Configure and Manage Virtualization on different Platforms Configure and Manage Virtualization on different Platforms
Configure and Manage Virtualization on different Platforms Rubal Sagwal
 
Virtualization Uses - Server Consolidation
Virtualization Uses - Server Consolidation Virtualization Uses - Server Consolidation
Virtualization Uses - Server Consolidation Rubal Sagwal
 
Principles of virtualization
Principles of virtualizationPrinciples of virtualization
Principles of virtualizationRubal Sagwal
 
Troubleshooting Network and Network Utilities
Troubleshooting Network and Network UtilitiesTroubleshooting Network and Network Utilities
Troubleshooting Network and Network UtilitiesRubal Sagwal
 
Application Layer and Protocols
Application Layer and ProtocolsApplication Layer and Protocols
Application Layer and ProtocolsRubal Sagwal
 
Basics of Network Layer and Transport Layer
Basics of Network Layer and Transport LayerBasics of Network Layer and Transport Layer
Basics of Network Layer and Transport LayerRubal Sagwal
 
Wireless Technologies and Standards
Wireless Technologies and StandardsWireless Technologies and Standards
Wireless Technologies and StandardsRubal Sagwal
 
Ethernet, Point-to-Point Protocol, ARP
Ethernet, Point-to-Point Protocol, ARP Ethernet, Point-to-Point Protocol, ARP
Ethernet, Point-to-Point Protocol, ARP Rubal Sagwal
 
Basics of Computer Network Device
Basics of Computer Network DeviceBasics of Computer Network Device
Basics of Computer Network DeviceRubal Sagwal
 

More from Rubal Sagwal (20)

Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security


Botnet Detection in Online-social Network

  • 1. BOTNET DETECTION. Presented by: Rubal Sagwal, Cyber Security, NIT, Kurukshetra
  • 2. Motivation
      ◦ Botnets are one of the most severe cybersecurity threats faced by everyone today.
      ◦ Botnets have been the main vehicle for many of the cybercrimes reported in recent news.
      ◦ Up to 80% of Internet traffic consisted of botnet traffic related to spam e-mails originating from known botnets such as Grum, Cutwail and Rustock. Currently, a large botnet can comprise more than one million PCs launching cyber attacks.
      ◦ The FBI reported in 2013 that 10 international hackers were arrested for using botnets to steal more than $850 million through a group of compromised computers; they used people's personal financial information to steal that amount.
      ◦ Online social networks (OSNs) are even more vulnerable to social bots.
  • 3. Table of Contents
      1. Introduction
      2. Types of attack
      3. Most wanted bots
      4. Life cycle of bots
      5. Botnet topologies
      6. Social bots
      7. Types of social bot attack
      8. Defensive technique
      9. Conclusion
      10. Future work
  • 4. Background: Introduction – Types of Attacks – Most Wanted Bots
  • 5. INTRODUCTION
      ◦ A botnet is a network of compromised computers, called zombie computers or bots, under the control of a remote attacker.
      ◦ Botnets are a large collection of geographically separate compromised machines that act as proxies to hide the actual location of the host.
      ◦ Botnets are one of the most significant threats to cybersecurity, as they are a launching pad for a number of illegal activities such as distributed denial of service (DDoS), click fraud, phishing, identity theft, spamming and malware distribution.
  • 6.
      ◦ A social botnet is a group of social bots under the control of a single bot-master, which work together to conduct malicious behavior while mimicking (copying) the interactions among normal OSN users to reduce their individual risk of being detected.
  • 7. Types of Attack
      ◦ Distributed Denial of Service (DDoS) attacks
      ◦ Sending spam, viruses, spyware
      ◦ Phishing
      ◦ Stealing
      ◦ Click fraud
  • 10. Most Wanted Bots
      ◦ Zeus: compromised 3.6 million U.S. computers.
      ◦ Koobface: compromised 2.9 million U.S. computers.
      ◦ TidServ: compromised 1.5 million U.S. computers.
      ◦ Trojan.Fakeavalert: compromised 1.4 million U.S. computers.
      ◦ R/Dldr.Agent.JKH: compromised 1.2 million U.S. computers.
  • 11. Components of Botnet: Botmaster – C & C Server – Bot-Machine
  • 12. [Figure: botnet components connected over the Internet: Bot Master, C & C Server, Bot Machine / Robot, Victim Machine]
  • 13. Bot-Master
      ◦ The bot master is a person who operates the command and control of botnets for remote process execution.
      ◦ The bot master can control the infected machines and send commands without communicating with them directly.
      ◦ Moreover, botnet owners attempt to hide their communication with the bots to thwart any deployed botnet detection processes.
      ◦ Bot masters use DNS services to hide their command and control (C&C) IP address, which makes the botnet reliable and easy to migrate from one server to another without being noticed.
  • 14. Bot-Computer
      ◦ A bot-computer is a computer connected to the Internet that has been compromised by a hacker, computer virus or Trojan horse and may be used to perform malicious tasks of one sort or another under remote direction.
      ◦ Botnets of bot-computers are often used to spread spam e-mail and launch denial-of-service attacks.
      ◦ A bot is a malicious program that performs various actions at a cybercriminal’s command.
  • 15. Command and Control Server
      ◦ A command and control (C & C) server is a server used by cybercriminals (the bot-master) to send orders to bots and to receive reports from them.
      ◦ C & C servers may be either controlled directly by the malware operators or themselves run on hardware compromised by malware.
  • 16. Botnet Life Cycle [Figure: Victim Machine, Bot Computer, C & C Server, Bot Master]
  • 17. Botnet Topologies
      1. STAR TOPOLOGY
      2. HIERARCHICAL TOPOLOGY
      3. P2P TOPOLOGY
  • 19. Social Botnet
      ◦ A social botnet is a group of social bots under the control of a single bot-master, which work together to conduct malicious behavior while mimicking (copying) the interactions among normal OSN users to reduce their individual risk of being detected.
      ◦ For example, social bots on Twitter can follow others and retweet/answer others’ tweets. Since a skewed following/followers (FF) ratio is a typical feature for social bots on Twitter, maintaining a balanced FF ratio in the social botnet.
      ◦ Creating a social botnet is also fairly easy due to the open APIs published by OSN providers.
  • 20. Security Threats
      ◦ A social-bot can pollute the targeted OSN with a large number of non-genuine social relationships.
      ◦ Second, once a social-bot infiltrates a targeted OSN, it can exploit its new position in the network to spread misinformation in an attempt to bias public opinion. For example, the Koobface botnet.
      ◦ It can also harvest private user data such as email addresses, phone numbers, and other personally identifiable information that has monetary value.
  • 21. OSN Vulnerabilities
      ◦ INEFFECTIVE CAPTCHA
      ◦ SYBIL ACCOUNTS AND FAKE PROFILES
      ◦ EXPLOITABLE PLATFORMS AND APIs
  • 22. [Figure: The Social-bot Network [4]: Bot Master, C & C channel, C & C Server, Online Social Network, Social Bots]
  • 23. Social-Bot
      ◦ A social-bot is a type of bot that controls a social media account. Like all bots, a social-bot is automated software. The exact way a social-bot replicates depends on the social network, but unlike a regular bot, a social-bot spreads by convincing other users that the social-bot is a real person.
      ◦ A social-bot is also known as a social networking bot, or social bot.
  • 24.
      ◦ A socialbot consists of two main components:
          > A profile on a targeted OSN (the face), and
          > The socialbot software (the brain)
      ◦ We require the socialbot to support two types of generic operations in any given OSN:
          (1) social-interaction operations that are used to read and write social content.
          (2) social-structure operations that are used to alter the social graph.
  • 25. Types of Social Botnet Attack
      1. Hashtag hijacking
      2. Trend-jacking/watering hole
      3. Spray and pray
      4. Retweet storm
      5. Click/Like farming
  • 26. Why OSN?
      ◦ A social-bot can pollute the targeted OSN with a large number of non-genuine social relationships.
      ◦ Second, once a social-bot infiltrates a targeted OSN, it can exploit its new position in the network to spread misinformation in an attempt to bias public opinion. For example, the Koobface botnet.
      ◦ It can also harvest private user data such as email addresses, phone numbers, and other personally identifiable information that has monetary value.
      ◦ OSNs allow user-generated content to be shared in a fast and simple way (e.g., there is no need for additional hosting or authoring tools).
  • 27.
      ◦ They support user-to-user real-time interaction, as well as asynchronous conversations through messages and comments.
      ◦ Web development techniques, such as the Asynchronous JavaScript and XML (AJAX) method, make many OSNs highly interactive, even providing real-time features.
      ◦ Many OSNs can be accessed via ad-hoc client interfaces specifically made for tablets, handheld devices and gaming consoles, making the service available everywhere.
      ◦ As a consequence of solid mobility support, OSNs also offer localization services.
      ◦ Unintentional disclosure of personal information.
  • 28.
      ◦ Mobile devices are widely used to access OSNs, e.g., via IEEE 802.11 air interfaces. Weak security settings for exchanging data then bring additional risks (e.g., the use of HTTP instead of the Secure Hypertext Transfer Protocol).
      ◦ Third-party Web applications can access user profiles, turning the OSN into an effective attack platform.
      ◦ Therefore, investigating the privacy and security aspects of OSNs is mandatory to guarantee their safe and successful use.
  • 29. Are Social Bots Common?
      ◦ Bots are actually more common than you might think.
  • 30. Botnet Detection Technique
      1. ANALYSIS BASED TECHNIQUE [6]
      [Figure: flowchart with the boxes: User's wall post; Dragged user's wall post; Filter user's post without URL; Cluster users based on URL and post; Identify malicious user; Analyze user; Social bot with fast flux network]
  • 31. 2. SUPERVISED LEARNING [3]
      ◦ Most existing work on detecting misbehaving identities in social networks leverages supervised learning techniques.
      ◦ One approach deploys honeypots in OSNs to attract spam, trains a machine learning (ML) classifier over the captured spam, and then detects new spam using the classifier.
      ◦ Another approach creates statistical behavioral profiles for Twitter users, trains a statistical model with a small manually labeled dataset of both benign and misbehaving users, and then uses it to detect compromised identities in Twitter.
  • 32.
      ◦ In large crowdsourcing systems, supervised learning approaches have inherent limitations. Specifically, they are attack-specific and vulnerable to adaptive attacker strategies.
      ◦ Given the adaptability of attacker strategies, to maintain efficacy supervised learning approaches require labeling, training, and classification to be done periodically.
  • 33. 3. DEFENSE AGAINST BOTNET-BASED SPAM DISTRIBUTION [3]
      ◦ To defend against this attack, the authors propose to track each user’s history of participating in spam distribution and to suspend a user if his accumulated suspicious behavior exceeds some threshold.
      ◦ Specifically, for each user v we maintain a spam score s_v, which is updated every time user v retweets a spam. Once s_v exceeds a predefined threshold, user v is labeled as a spammer and suspended.
      ◦ The closer a user is to the spam source, the more likely he is a member of the social botnet, because a social botnet usually prefers a shorter retweeting path for fast spam dissemination.
      ◦ Once a user’s spam score exceeds a certain predetermined threshold, the user is suspended.
  • 34. Open Issues
      ◦ There are no methods that can accurately estimate the size of a botnet.
      ◦ Researchers have access to only a very small amount of data for their work, and they have to sign a separate agreement to use that data for each domain.
      ◦ The use of many detection approaches, such as honeypots, is also restricted because of conflicts between IT laws for data protection and securing IT services from illegal intrusion.
      ◦ Because researchers manage to get only a very small amount of real data traces, it is very challenging to verify their work on large data sets.
  • 35. Related Work
      ◦ The social botnet has received attention only recently. Some works showed that a social botnet is very effective in joining to many random or under-attack Facebook users (i.e., large-scale infiltration).
      ◦ One paper shows how spammers have become more clever at inserting themselves into OSNs. There is a rich literature on spam detection in OSNs.
      ◦ One line of work considers independent spam bots and proposes different methods to characterize and identify them.
  • 36.
      ◦ Other work focuses on describing and identifying planned spam campaigns launched by an army of spam bots. Moreover, spam bots are becoming more intelligent.
  • 37. Conclusion and Future Work
      ◦ Botnets have played an important role as a major security threat on the Internet. It is estimated that over 80% of spam messages originate from these overlay networks.
      ◦ The first necessary step towards combating botnet threats is developing efficient detection techniques.
      ◦ From a computer security perspective, the concept of social bots is both interesting and disturbing: the threat is no longer from a human controlling or monitoring a computer, but from exactly the opposite.
      ◦ As future work, we will first extend our studies to OSNs such as Facebook, Google+ and Twitter.
      ◦ We will also investigate other attacks that can be enabled or facilitated by the social botnet, so as to raise the awareness of OSN users and help OSNs improve their misbehavior detection systems.
  • 38. Contd…
      ◦ In addition, we plan to explore three lines of countermeasures against our attacks.
      ◦ The first line is inspired by the observation that the amount of communication from a legitimate OSN user to a social bot is usually far less than that in the opposite direction.
      ◦ Another conceivable defense is to detect malicious applications registered by the bot-master at OSNs.
      ◦ In practice, a large-scale social botnet often involves allocating the access privileges of individual bots to the applications the bot-master develops based on the OSN’s open APIs and registers with the OSN. These observations can help design effective and efficient algorithms for OSNs to identify malicious botnet applications.
  • 39. REFERENCES
      1. Sergio S.C. Silva, Rodrigo M.P. Silna, Raqel C.G. Pinto, Ronaldo M. Salles, "Botnet: A Survey." Computer Networks, Volume 57, Issue 2, 4 February 2013, Pages 178-403.
      2. Alieyan, Kamal, Ammar ALmomani, Ahmad Manasrah, and Mohammed M. Kadhum. "A survey of botnet detection based on DNS." Neural Computing and Applications (2015), Pages 1-18.
      3. Caviglione, Luca, Mauro Coccoli, and Alessio Merlo. "A taxonomy-based model of security and privacy in online social networks." International Journal of Computational Science and Engineering 9, no. 4 (2014): 325-338.
      4. Zhang, Jinxue, et al. "The rise of social botnets: Attacks and countermeasures." IEEE Transactions on Dependable and Secure Computing (2016).
      5. Boshmaf, Yazan, Ildar Muslukhov, Konstantin Beznosov, and Matei Ripeanu. "The socialbot network: when bots socialize for fame and money." In Proceedings of the 27th Annual Computer Security Applications Conference, pp. 93-102. ACM, 2011.
      6. Tyagi, Amit Kumar, and G. Aghila. "Detection of fast flux network based social bot using analysis based techniques." Data Science & Engineering (ICDSE), 2012 International Conference on. IEEE (2012), pp. 23-26.
      7. Boshmaf, Yazan, et al. "Design and analysis of a social botnet." Computer Networks 57.2 (2013), Pages 556-578.
      8. Do-evil-the-business-of-social-media-bots. http://www.forbes.com/sites/lutzfinger/2015/02/17/do-evil-the-business-of-social-media-bots/#34bae4351104
      9. The-rise-of-social-media-botnets. http://www.darkreading.com/attacks-breaches/the-rise-of-social-media-botnets/a/d-id/1321177
      10. kaspersky-ddos-intelligence-report-for-q3-2016. https://securelist.com/analysis/quarterly-malware-reports/76464/kaspersky-ddos-intelligence-report-for-q3-2016/
      11. botnet-statistics-2017-02-05. http://botnet-tracker.blogspot.in/2017/02/botnet-statistics-2017-02-05.html
      12. Socialbot. http://whatis.techtarget.com/definition/socialbot
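
The spam-score defense on slide 33, worked through as an added example (not code from the presentation or the cited papers): each user accumulates a score every time they retweet spam, weighted so that users closer to the spam source gain more, and users above a threshold are flagged for suspension. The slides give no formula, so the 1/hops weight, the threshold and the sample cascades are assumptions made for this illustration.

```python
from collections import defaultdict

# Constructed sample data: each cascade is one tweet already labelled spam by
# an upstream classifier, with (retweeter, retweeted_from) edges.
SPAM_CASCADES = [
    {"source": "bot_src", "retweets": [("bot_a", "bot_src"), ("bot_b", "bot_a"),
                                       ("alice", "bot_b"), ("bob", "alice")]},
    {"source": "bot_src", "retweets": [("bot_a", "bot_src"), ("bot_b", "bot_src"),
                                       ("carol", "bot_b")]},
    {"source": "bot_x", "retweets": [("bot_b", "bot_x"), ("bot_a", "bot_b"),
                                     ("dave", "ghost")]},  # dangling edge: "ghost" never seen
]


def hop_distances(source, retweets):
    """Return {user: hops from source} for every retweeter reachable from source."""
    parent = {}
    for user, retweeted_from in retweets:
        parent.setdefault(user, retweeted_from)  # keep the first retweet per user
    hops = {}
    for user in parent:
        path, node = [], user
        # Walk up towards the source; stop on a dangling parent or a loop.
        while node != source and node in parent and node not in path:
            path.append(node)
            node = parent[node]
        if node != source:
            continue  # cannot place this user in the cascade, so do not score it
        for depth, member in enumerate(reversed(path), start=1):
            hops[member] = depth
    return hops


def spam_scores(cascades, weight=lambda hops: 1.0 / hops):
    """Accumulate s_v over all spam cascades (assumed weight: 1/hops from source)."""
    scores = defaultdict(float)
    for cascade in cascades:
        distances = hop_distances(cascade["source"], cascade["retweets"])
        for user, hops in distances.items():
            scores[user] += weight(hops)
    return dict(scores)


def suspended(cascades, threshold, weight=lambda hops: 1.0 / hops):
    """Users whose accumulated spam score exceeds the threshold."""
    scores = spam_scores(cascades, weight)
    return sorted(user for user, score in scores.items() if score > threshold)


if __name__ == "__main__":
    for user, score in sorted(spam_scores(SPAM_CASCADES).items()):
        print(f"{user:8s} s_v = {score:.2f}")
    print("suspend:", suspended(SPAM_CASCADES, threshold=2.0))
```

With a flat weight (`lambda hops: 1.0`) the accounts that retweeted spam once, deep in a chain, score as much per retweet as the first-hop bots; the distance weight is what separates them.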