SlideShare ist ein Scribd-Unternehmen logo

Botnets 101

Als PPTX, PDF herunterladen
Aung Thu Rha Hein
Aung Thu Rha Hein

Introduction to Botnet...

Technologie
1 von 17
AungThu Rha Hein (g5536871) 1
 What is a botnet?  History of Botnet  What are they used for?  How do they work?  Infection Procedure  CommandTopologies  Communication Methods  Propagation Methods  Defense  Detection methods  Defense Strategy  Conclusion 2
 A botnet is a collection of internet-connected programs communicating with other similar programs in order to perform tasks.  Wikipedia  A collection of compromised computers that is slowly built up then unleashed as a DDOS attack or used to send very large quantities of spam.  WolframAlpha 3
 Bots originally used to automate tasks  IRC,IM, MUDS, online-games  Evolved into a way to automate malicious attacks  Spam, control a pc, propagate etc…  Botnets started with DOS against servers  Stacheldraht,Trinoo, Kelihos 4
 DOS attacks  Spam  Phishing  Identity theft  Click Fraud  Others…. 5
1. Botmaster infected victims with bot botmaster victim C&C server 6
2.bot connects to the C&C server using HTTP,IRC or other protocol victim C&C server botmaster 7
3.Botmaster sends commands through C&C server to zombie botmaster victim C&C server 8
4.Repeat these process and botmaster have bot army to Control from a single point botmaster Victims, zombies C&C server 9
10
 Star  Bots tied to centralized C&C server  Multi-Server  Same as Star but with multiple C&C server  Hierarchical  Parent bot control child bots  Random  Full P2P support 11
 HTTP  Easy for attacker to blend in  IRC  Harder to hide compared with HTTP  Custom  Makes use of new application protocols 12
 E-Mail attachments; Social Engineering  Trojan horses  Drive-by downloads  Scanning  Horizontal: Single port  Vertical :Single IP address 13
 Three Main Issues  How to Detect them?  How to Response them?  How to Negate the threat? 14
 No single method  “Defense in depth” principle  Methods  Network traffic analysis (NetFlow)  Packet analysis(IDS)  Analysis of application log files (Antivirus, firewall)  Honeypots  Others… 15
 DefenseAgainst infection by bot (DAIBB)  Prevent from entering into the system  Updates and patches, security levels  Defense against attacks by bot (DAABB)  Prevent from being victim of botnet attacks  IPS,TLS, SSL  Monitoring, detection & studying of Bot (MDSBB)  Detection methods, monitoring log files 16
 Education of users (EOU)  Raise the security awareness of users  Legislative protection (LP)  legislative-punishment policies THANKYOU! 17

Empfohlen

BOTNET
BOTNETBOTNET
BOTNETArjo Ghosh
 
Botnet Detection Techniques
Botnet Detection TechniquesBotnet Detection Techniques
Botnet Detection TechniquesTeam Firefly
 
What is botnet?
What is botnet?What is botnet?
What is botnet?Milan Petrásek
 
Botnet
Botnet Botnet
Botnet PriyanKa Harjai
 
Botnets
BotnetsBotnets
BotnetsVishwadeep Badgujar
 
Botnets
BotnetsBotnets
Botnetsrichashri3
 
Botnets In Cyber Security
Botnets In Cyber SecurityBotnets In Cyber Security
Botnets In Cyber Securitysumit saurav
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attackAmna
 

Empfohlen

BOTNET
BOTNETBOTNET
BOTNETArjo Ghosh
 
Botnet Detection Techniques
Botnet Detection TechniquesBotnet Detection Techniques
Botnet Detection TechniquesTeam Firefly
 
What is botnet?
What is botnet?What is botnet?
What is botnet?Milan Petrásek
 
Botnet
Botnet Botnet
Botnet PriyanKa Harjai
 
Botnets
BotnetsBotnets
BotnetsVishwadeep Badgujar
 
Botnets
BotnetsBotnets
Botnetsrichashri3
 
Botnets In Cyber Security
Botnets In Cyber SecurityBotnets In Cyber Security
Botnets In Cyber Securitysumit saurav
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attackAmna
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
 
Cyber security
Cyber securityCyber security
Cyber securitySapna Patil
 
Computer security
Computer securityComputer security
Computer securityUniv of Salamanca
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virussumitra22
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaEdureka!
 
Phishing
PhishingPhishing
Phishingshivli0769
 
Botnets
BotnetsBotnets
BotnetsKavisha Miyan
 
Botnet Detection in Online-social Network
Botnet Detection in Online-social NetworkBotnet Detection in Online-social Network
Botnet Detection in Online-social NetworkRubal Sagwal
 
Cyber security
Cyber securityCyber security
Cyber securityChethanMp7
 
introduction to Botnet
introduction to Botnetintroduction to Botnet
introduction to Botnetyogendra singh chahar
 
Botnet
BotnetBotnet
Botnetlokenra
 
Man in the middle attack .pptx
Man in the middle attack .pptxMan in the middle attack .pptx
Man in the middle attack .pptxPradeepKumar728006
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Cyber security
Cyber securityCyber security
Cyber securityRishav Sadhu
 
Ppt growing need of cyber security
Ppt growing need of cyber securityPpt growing need of cyber security
Ppt growing need of cyber securityyatendrakumar47
 
Cyber Security 03
Cyber Security 03Cyber Security 03
Cyber Security 03Home
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Les malwares
Les malwaresLes malwares
Les malwaresmeryemnaciri1
 
Malware
MalwareMalware
MalwareAnoushka Srivastava
 
Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking IT Department Akre
 
Bots and Botnet
Bots and BotnetBots and Botnet
Bots and BotnetHicube Infosec
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Aniq Eastrarulkhair
 

Weitere ähnliche Inhalte

Was ist angesagt?

What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virussumitra22
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaEdureka!
 
Botnet Detection in Online-social Network
Botnet Detection in Online-social NetworkBotnet Detection in Online-social Network
Botnet Detection in Online-social NetworkRubal Sagwal
 
Cyber security
Cyber securityCyber security
Cyber securityChethanMp7
 
Man in the middle attack .pptx
Man in the middle attack .pptxMan in the middle attack .pptx
Man in the middle attack .pptxPradeepKumar728006
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Ppt growing need of cyber security
Ppt growing need of cyber securityPpt growing need of cyber security
Ppt growing need of cyber securityyatendrakumar47
 
Cyber Security 03
Cyber Security 03Cyber Security 03
Cyber Security 03Home
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking IT Department Akre
 

Was ist angesagt? (20)

What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
 
Cyber security
Cyber securityCyber security
Cyber security
 
Computer security
Computer securityComputer security
Computer security
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virus
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
 
Phishing
PhishingPhishing
Phishing
 
Botnets
BotnetsBotnets
Botnets
 
Botnet Detection in Online-social Network
Botnet Detection in Online-social NetworkBotnet Detection in Online-social Network
Botnet Detection in Online-social Network
 
Cyber security
Cyber securityCyber security
Cyber security
 
introduction to Botnet
introduction to Botnetintroduction to Botnet
introduction to Botnet
 
Botnet
BotnetBotnet
Botnet
 
Man in the middle attack .pptx
Man in the middle attack .pptxMan in the middle attack .pptx
Man in the middle attack .pptx
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacks
 
Cyber security
Cyber securityCyber security
Cyber security
 
Ppt growing need of cyber security
Ppt growing need of cyber securityPpt growing need of cyber security
Ppt growing need of cyber security
 
Cyber Security 03
Cyber Security 03Cyber Security 03
Cyber Security 03
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
Les malwares
Les malwaresLes malwares
Les malwares
 
Malware
MalwareMalware
Malware
 
Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking
 

Ähnlich wie Botnets 101

Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Aniq Eastrarulkhair
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHackingAve Nawsh
 
Cyber security & ethical hacking 10
Cyber security & ethical hacking 10Cyber security & ethical hacking 10
Cyber security & ethical hacking 10Mehedi Hasan
 
The Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarThe Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarMandy Cross
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
A review botnet detection and suppression in clouds
A review botnet detection and suppression in cloudsA review botnet detection and suppression in clouds
A review botnet detection and suppression in cloudsAlexander Decker
 
Botnet detection by Imitation method
Botnet detection by Imitation methodBotnet detection by Imitation method
Botnet detection by Imitation methodAcad
 
Mod2 wfbs new starter
Mod2 wfbs new starterMod2 wfbs new starter
Mod2 wfbs new starterIan Thiele
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about BotnetNaveen Titare
 

Ähnlich wie Botnets 101 (20)

Bots and Botnet
Bots and BotnetBots and Botnet
Bots and Botnet
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1
 
Botnet
BotnetBotnet
Botnet
 
Botnet
BotnetBotnet
Botnet
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHacking
 
Cyber security & ethical hacking 10
Cyber security & ethical hacking 10Cyber security & ethical hacking 10
Cyber security & ethical hacking 10
 
Hack the hack
Hack the hackHack the hack
Hack the hack
 
The Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan WarThe Comprehensive Security Policy In The Trojan War
The Comprehensive Security Policy In The Trojan War
 
Ce hv6 module 63 botnets
Ce hv6 module 63 botnetsCe hv6 module 63 botnets
Ce hv6 module 63 botnets
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
about botnets
about botnetsabout botnets
about botnets
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
A review botnet detection and suppression in clouds
A review botnet detection and suppression in cloudsA review botnet detection and suppression in clouds
A review botnet detection and suppression in clouds
 
Honeypot
HoneypotHoneypot
Honeypot
 
Botnet detection by Imitation method
Botnet detection by Imitation methodBotnet detection by Imitation method
Botnet detection by Imitation method
 
Mod2 wfbs new starter
Mod2 wfbs new starterMod2 wfbs new starter
Mod2 wfbs new starter
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about Botnet
 
Information security
Information securityInformation security
Information security
 
Program threats
Program threatsProgram threats
Program threats
 
Program Threats
Program ThreatsProgram Threats
Program Threats
 

Mehr von Aung Thu Rha Hein

Bioinformatics for Computer Scientists
Bioinformatics for Computer Scientists Bioinformatics for Computer Scientists
Bioinformatics for Computer Scientists Aung Thu Rha Hein
 
Analysis of hybrid image with FFT (Fast Fourier Transform)
Analysis of hybrid image with FFT (Fast Fourier Transform)Analysis of hybrid image with FFT (Fast Fourier Transform)
Analysis of hybrid image with FFT (Fast Fourier Transform)Aung Thu Rha Hein
 
Introduction to Common Weakness Enumeration (CWE)
Introduction to Common Weakness Enumeration (CWE)Introduction to Common Weakness Enumeration (CWE)
Introduction to Common Weakness Enumeration (CWE)Aung Thu Rha Hein
 
Private Browsing: A Window of Forensic Opportunity
Private Browsing: A Window of Forensic OpportunityPrivate Browsing: A Window of Forensic Opportunity
Private Browsing: A Window of Forensic OpportunityAung Thu Rha Hein
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Survey & Review of Digital Forensic
Survey & Review of Digital ForensicSurvey & Review of Digital Forensic
Survey & Review of Digital ForensicAung Thu Rha Hein
 
Partitioned Based Regression Verification
Partitioned Based Regression VerificationPartitioned Based Regression Verification
Partitioned Based Regression VerificationAung Thu Rha Hein
 
CRAXweb: Automatic Exploit Generation for Web Applications
CRAXweb: Automatic Exploit Generation for Web ApplicationsCRAXweb: Automatic Exploit Generation for Web Applications
CRAXweb: Automatic Exploit Generation for Web ApplicationsAung Thu Rha Hein
 
Web application security: Threats & Countermeasures
Web application security: Threats & CountermeasuresWeb application security: Threats & Countermeasures
Web application security: Threats & CountermeasuresAung Thu Rha Hein
 
Can the elephants handle the no sql onslaught
Can the elephants handle the no sql onslaughtCan the elephants handle the no sql onslaught
Can the elephants handle the no sql onslaughtAung Thu Rha Hein
 
Fuzzy logic based students’ learning assessment
Fuzzy logic based students’ learning assessmentFuzzy logic based students’ learning assessment
Fuzzy logic based students’ learning assessmentAung Thu Rha Hein
 

Mehr von Aung Thu Rha Hein (19)

Writing with ease
Writing with easeWriting with ease
Writing with ease
 
Bioinformatics for Computer Scientists
Bioinformatics for Computer Scientists Bioinformatics for Computer Scientists
Bioinformatics for Computer Scientists
 
Analysis of hybrid image with FFT (Fast Fourier Transform)
Analysis of hybrid image with FFT (Fast Fourier Transform)Analysis of hybrid image with FFT (Fast Fourier Transform)
Analysis of hybrid image with FFT (Fast Fourier Transform)
 
Introduction to Common Weakness Enumeration (CWE)
Introduction to Common Weakness Enumeration (CWE)Introduction to Common Weakness Enumeration (CWE)
Introduction to Common Weakness Enumeration (CWE)
 
Private Browsing: A Window of Forensic Opportunity
Private Browsing: A Window of Forensic OpportunityPrivate Browsing: A Window of Forensic Opportunity
Private Browsing: A Window of Forensic Opportunity
 
Network switching
Network switchingNetwork switching
Network switching
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Survey & Review of Digital Forensic
Survey & Review of Digital ForensicSurvey & Review of Digital Forensic
Survey & Review of Digital Forensic
 
Partitioned Based Regression Verification
Partitioned Based Regression VerificationPartitioned Based Regression Verification
Partitioned Based Regression Verification
 
CRAXweb: Automatic Exploit Generation for Web Applications
CRAXweb: Automatic Exploit Generation for Web ApplicationsCRAXweb: Automatic Exploit Generation for Web Applications
CRAXweb: Automatic Exploit Generation for Web Applications
 
Session initiation protocol
Session initiation protocolSession initiation protocol
Session initiation protocol
 
TPC-H in MongoDB
TPC-H in MongoDBTPC-H in MongoDB
TPC-H in MongoDB
 
Web application security: Threats & Countermeasures
Web application security: Threats & CountermeasuresWeb application security: Threats & Countermeasures
Web application security: Threats & Countermeasures
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
Can the elephants handle the no sql onslaught
Can the elephants handle the no sql onslaughtCan the elephants handle the no sql onslaught
Can the elephants handle the no sql onslaught
 
Fuzzy logic based students’ learning assessment
Fuzzy logic based students’ learning assessmentFuzzy logic based students’ learning assessment
Fuzzy logic based students’ learning assessment
 
Link state routing protocol
Link state routing protocolLink state routing protocol
Link state routing protocol
 
Chat bot analysis
Chat bot analysisChat bot analysis
Chat bot analysis
 
Data mining & column stores
Data mining & column storesData mining & column stores
Data mining & column stores
 

Kürzlich hochgeladen

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 

Kürzlich hochgeladen (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 

Botnets 101

  • 1. AungThu Rha Hein (g5536871) 1
  • 2.  What is a botnet?  History of Botnet  What are they used for?  How do they work?  Infection Procedure  CommandTopologies  Communication Methods  Propagation Methods  Defense  Detection methods  Defense Strategy  Conclusion 2
  • 3.  A botnet is a collection of internet-connected programs communicating with other similar programs in order to perform tasks.  Wikipedia  A collection of compromised computers that is slowly built up then unleashed as a DDOS attack or used to send very large quantities of spam.  WolframAlpha 3
  • 4.  Bots originally used to automate tasks  IRC,IM, MUDS, online-games  Evolved into a way to automate malicious attacks  Spam, control a pc, propagate etc…  Botnets started with DOS against servers  Stacheldraht,Trinoo, Kelihos 4
  • 5.  DOS attacks  Spam  Phishing  Identity theft  Click Fraud  Others…. 5
  • 6. 1. Botmaster infected victims with bot botmaster victim C&C server 6
  • 7. 2.bot connects to the C&C server using HTTP,IRC or other protocol victim C&C server botmaster 7
  • 8. 3.Botmaster sends commands through C&C server to zombie botmaster victim C&C server 8
  • 9. 4.Repeat these process and botmaster have bot army to Control from a single point botmaster Victims, zombies C&C server 9
  • 10. 10
  • 11.  Star  Bots tied to centralized C&C server  Multi-Server  Same as Star but with multiple C&C server  Hierarchical  Parent bot control child bots  Random  Full P2P support 11
  • 12.  HTTP  Easy for attacker to blend in  IRC  Harder to hide compared with HTTP  Custom  Makes use of new application protocols 12
  • 13.  E-Mail attachments; Social Engineering  Trojan horses  Drive-by downloads  Scanning  Horizontal: Single port  Vertical :Single IP address 13
  • 14.  Three Main Issues  How to Detect them?  How to Response them?  How to Negate the threat? 14
  • 15.  No single method  “Defense in depth” principle  Methods  Network traffic analysis (NetFlow)  Packet analysis(IDS)  Analysis of application log files (Antivirus, firewall)  Honeypots  Others… 15
  • 16.  DefenseAgainst infection by bot (DAIBB)  Prevent from entering into the system  Updates and patches, security levels  Defense against attacks by bot (DAABB)  Prevent from being victim of botnet attacks  IPS,TLS, SSL  Monitoring, detection & studying of Bot (MDSBB)  Detection methods, monitoring log files 16
  • 17.  Education of users (EOU)  Raise the security awareness of users  Legislative protection (LP)  legislative-punishment policies THANKYOU! 17