1. NEXGEN TECHNOLOGY
FINAL YEAR IEEE PROJECTS TITLES 2015-2016
CONTACT: PRAVEEN KUMAR. L (+91 – 9751442511, +91 – 9791938249)
MAIL ID: sunsid1989@gmail.com, praveen@nexgenproject.com
web:www.nexgenproject.com
1. Analysis of a “/0” Stealth Scan From a Botnet
Botnets are the most common vehicle of cyber-criminal activity. They are used for spamming,
phishing, denial of service attacks, brute-force cracking, stealing private information, and cyber
warfare. Botnets carry out network scans for several reasons, including searching for vulnerable
machines to infect and recruit into the botnet, probing networks for enumeration or penetration,
etc. We present the measurement and analysis of a horizontal scan of the entire IPv4 address
space conducted by the Sality botnet in February of last year. This 12-day scan originated from
approximately 3 million distinct IP addresses, and used a heavily coordinated and unusually
covert scanning strategy to try to discover and compromise VoIP-related (SIP server)
infrastructure. We observed this event through the UCSD Network Telescope, a /8 darknet
continuously receiving large amounts of unsolicited traffic, and we correlate this traffic data with
other public sources of data to validate our inferences. Sality is one of the largest botnets ever
identified by researchers, its behavior represents ominous advances in the evolution of modern
malware: the use of more sophisticated stealth scanning strategies by millions of coordinated
bots, targeting critical voice communications infrastructure. This work offers a detailed
dissection of the botnet‛s scanning behavior, including general methods to correlate, visualize,
and extrapolate botnet behavior across the global Internet.