Whispering Botnet Command and Control Instructions

被引：0

作者：

Baden, Mathis ^{[1
]}

Torres, Christof Ferreira ^{[1
]}

Pontiveros, Beltran Borja Fiz ^{[1
]}

State, Radu ^{[1
]}

机构：

[1] Univ Luxembourg, SnT, 29 Ave John F Kennedy, L-1855 Luxembourg, Luxembourg

来源：

2019 CRYPTO VALLEY CONFERENCE ON BLOCKCHAIN TECHNOLOGY (CVCBT 2019) | 2019年

关键词：

blockchain; botnet; whisper; C&C;

D O I：

10.1109/CVCBT.2019.00009

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Botnets are responsible for many large scale attacks happening on the Internet. Their weak point, which is usually targeted to take down a botnet, is the command and control infrastructure: the foundation for the diffusion of the botmaster's instructions. Hence, botmasters employ stealthy communication methods to remain hidden and retain control of the botnet. Recent research has shown that blockchains can be leveraged for under the radar communication with bots, however these methods incur fees for transaction broadcasting. This paper discusses the use of a novel technology, Whisper, for command and control instruction dissemination. Whisper allows a botmaster to control bots at virtually zero cost, while providing a peer-to-peer communication infrastructure, as well as privacy and encryption as part of its dark communication strategy. It is therefore well suited for bidirectional botnet command and control operations, and creating a botnet that is very difficult to take down.

引用

页码：77 / 81

页数：5

共 50 条

[11] A Basic Command and Control Strategy in Botnet Defense System
Yamaguchi, Shingo
2021 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS (ICCE), 2021,
[12] Progress in Command and Control Server Finding Schemes of Botnet
Guo, Xiaojun
Cheng, Guang
Hu, Yifei
Dai, Mian
2016 IEEE TRUSTCOM/BIGDATASE/ISPA, 2016, : 1723 - 1727
[13] Getting Prepared for the Next Botnet Attack Detecting Algorithmically Generated Domains in Botnet Command and Control
Kelley, Tim
Furey, Eoghan
2018 29TH IRISH SIGNALS AND SYSTEMS CONFERENCE (ISSC), 2018,
[14] Detection of Botnet Command and Control Traffic by the Identification of Untrusted Destinations
Burghouwt, Pieter
Spruit, Marcel
Sips, Henk
INTERNATIONAL CONFERENCE ON SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, SECURECOMM 2014, PT I, 2015, 152 : 174 - 182
[15] Active Botnet Probing to Identify Obscure Command and Control Channels
Gu, Guofei
Yegneswaran, Vinod
Porras, Phillip
Stoll, Jennifer
Lee, Wenke
25TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, 2009, : 241 - +
[16] Leveraging Bitcoin Testnet for Bidirectional Botnet Command and Control Systems
Franzoni, Federico
Abellan, Ivan
Daza, Vanesa
FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, FC 2020, 2020, 12059 : 3 - 19
[17] Botract: abusing smart contracts and blockchain for botnet command and control
Alibrahim, Omar
Malaika, Majid
INTERNATIONAL JOURNAL OF INFORMATION AND COMPUTER SECURITY, 2022, 17 (1-2) : 147 - 163
[18] Fluxing botnet command and control channels with URL shortening services
Lee, Sangho
Kim, Jong
COMPUTER COMMUNICATIONS, 2013, 36 (03) : 320 - 332
[19] Using Behavioral Similarity for Botnet Command-and-Control Discovery
Jusko, Jan
Rehak, Martin
Stiborek, Jan
Kohout, Jan
Pevny, Tomas
IEEE INTELLIGENT SYSTEMS, 2016, 31 (05) : 16 - 23
[20] Inference and Analysis of Formal Models of Botnet Command and Control Protocols
Cho, Chia Yuan
Babic, Domagoj
Shin, Eui Chul Richard
Song, Dawn
PROCEEDINGS OF THE 17TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'10), 2010, : 426 - 439

← 1 2 3 4 5 →