Secure controlling method for scalable botnets

Botnet is one of main threats towards the Internet. Currently, botnets can expand to the whole world due to various types of network services, pervasive security vulnerabilities and massive deployment of networked devices, e.g., internet of things (IoT) devices. Future botnets will become more cross-p...

Bibliographic Details
Main Authors: Qiang LIU, Pengfei LI, Zhangjie FU
Format: Article
Language: English
Published: POSTS&TELECOM PRESS Co., LTD 2023-02-01
Series: 网络与信息安全学报
Online Access: http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023002
collection DOAJ
description Botnet is one of the main threats towards the Internet. Currently, botnets can expand to the whole world due to various types of network services, pervasive security vulnerabilities and massive deployment of networked devices, e.g., internet of things (IoT) devices. Future botnets will become more cross-platform and stealthy, which introduces severe security risks to cyberspace. Therefore, in-depth research on botnets can offer study targets to corresponding defensive studies, which is very meaningful for designing an architecture to secure the next-generation cyberspace. Hence, an HTTP-based scalable botnet framework was proposed to address the problems of compatibility, stealthiness and security. Specifically, the framework adopted a centralized controlling model. Moreover, it used the HTTP protocol as the designed botnet’s communication protocol and block encryption mechanisms based on symmetric cryptography to protect the botnet’s communication contents. Furthermore, a secure control mechanism for multi-platform botnets was designed. In particular, the proposed mechanism utilized source-level code integration and cross-compilation techniques to solve the compatibility challenge. It also introduced encrypted communication with dynamic secret keys to overcome the drawbacks of network traffic regularity and ease of analysis in traditional botnets. Moreover, it designed server migration and reconnection mechanisms to address the weakness of single-point-failure in centralized botnet models. Simulation results in three experimental scenarios with different levels of botnet controllability show that there is a linear relationship between the size of a botnet and the service overhead of the related C&C servers. In addition, under the condition of the same botnet scale, a higher level of controllability introduces a higher throughput and a greater system overhead. The above results demonstrate the effectiveness and the practical feasibility of the proposed method.
id doaj-art-e305e2a740154a1ba882fc8b6c609b71
institution Kabale University
issn 2096-109X
topic botnet
secure control
multi-platform architecture
advanced encryption standard