Wyniki wyszukiwania - BazTech

1

Effects of botnets – a human-organisational approach

Bederna Zsolt, Szádeczky Tamás

Security and Defence Quarterly

|

2021

|

Vol. 35, No. 3

25--44

EN

Botnets, the remotely controlled networks of computers with malicious aims, have significantly affected the international order from Ukraine to the United States in recent years. Disruptive software, such as malware, ransomware, and disruptive services, provided by those botnets has many specific effects and properties. Therefore, it is paramount to improve the defences against them. To tackle botnets more or less successfully, one should analyse their code, communication, kill chain, and similar technical properties. However, according to the Business Model for Information Security, besides technological attributes, there is also a human and organisational aspect to their capabilities and behaviour. This paper aims to identify the aspects of different attacks and present an analysis framework to identify botnets’ technological and human attributes. After researching the literature and evaluating our previous findings in this research project, we formed a unified framework for the human-organisational classification of botnets. We tested the defined framework on five botnet attacks, presenting them as case studies. The chosen botnets were ElectrumDoSMiner, Emotet, Gamover Zeus, Mirai, and VPNFilter. The focus of the comparison was motivation, the applied business model, willingness to cooperate, capabilities, and the attack source. For defending entities, reaching the target state of defending capabilities is impossible with a one-time development due to cyberspace’s dynamic behaviour and botnets. Therefore, one has to develop cyberdefence and conduct threat intelligence on botnets using such methodology as that presented in this paper. This framework comprises people and technological attributes according to the BMIS model, providing the defender with a standard way of classification.

2

A Framework on botnet detection and forensics

Singh Harvinder, Bijalwan Anchit

Annals of Computer Science and Information Systems

|

2017

|

Vol. 10

93--101

EN

The utilization of Internet on domestic and corporate front has been increasing at drastic rate. Each organization and enterprise exploits the internet to its fullest extent based on its requirements. In almost all areas, internet is proved to be a boon. But sometimes it lands the users into trouble because of unwanted and uninvited harmful software applications. There are so many types of threats and challenges that are faced by the internet users. Out of all the threats faced by internet users, botnets are at the top most position. Because of these prodigious threats botnets are the rising area of research. Botnet works as a coordinated or synchronized activity where different bots collectively participate to perform a malicious task. The botnet is different from other form of malware in its capability to compromise the computer systems or smartphones to set up a link with command and control(C\&C) server controlled by bot controller. Because of the massive participation of compromised machines the losses caused by botnet attack are immeasurable. As a result, different researchers are showing keen interest in the field of botnets. The trend reflects that the number of researches in this field have gone up at tremendous rate in past 5 to 10 years. The present paper proposes a framework to systematically identify the presence of malicious bot, prevent it from spreading further and performing its forensic investigation.

3

Oprogramowanie złośliwe zagrożeniem w cyberprzestrzeni

Kowalewski J.

Wiedza Obronna

|

2016

|

nr 3-4

83--103

PL

W artykule przedstawiono podstawowe informacje dotyczące oprogramowania złośliwego, które dotyczy: wirusów, bakterii, robaków sieciowych, koni trojańskich (tzw. trojanów), dialerów, botnetów oraz spamów i fałszywek. Oprogramowanie złośliwe stanowi podstawi zbiór narzędzi do wykonywania różnorodnych ataków i przestępstw w cyberprzestrzeni, po działania cyberterrorystyczne włącznie.

EN

The article presents basic information about malware, which involves: viruses, bacteria, network worms, Trojans, dialers, botnets, spam and hoaxes. Malware is a substitute set of tools to perform a variety of attacks and crimes in cyberspace, include the act of cyberterrorism.

4

Evaluation of the effectiveness of certain spam protecting methods

Ogonowski P.

Theoretical and Applied Informatics

|

2008

|

Vol. 20, No. 4

245-259

EN

This chapter describes the spam operating principle in electronic mail (including issues of bot networks) and some procedures protecting against spam. Methods included in this paper base on relatively simple algorithms and don’t require much computational power force. In order to receive best detection capabilities and satisfactory/optimal system speed a way of linking those methods has also been discussed as well as comparison of methods’ effectiveness and also evaluation of efficiency and efficacy of the algorithm concerning antispam methods combined.

PL

W rozdziale przedstawiono sposób funkcjonowania spamu w poczcie elektronicznej. Szczególną uwagę zwrócono na problematykę sieci bot, która jest aktualnie głównym źródłem spamu. Opisano niektóre metody zapewniające ochronę przed nim. Metody te bazują na stosunkowo prostych algorytmach i do swojego działania nie wymagają dużych mocy obliczeniowych. Został również opisany taki sposób połączenia tych metod, który zapewnia najlepsze wyniki dla wykrywalności spamu oraz najlepszą szybkość działania systemu. Wykonane zostało również porównanie skuteczności wykorzystanych metod oraz ocena efektywności działania algorytmu antyspamowego powstałego na skutek ich połączenia.