Cyber espionage through Botnets

Botnets, groups of illegally controlled infected devices on the Internet, already have a history of two decades. This history shows an evolution in infection techniques, in the scope of the target devices, and in their usage. The new direction is the use of sophisticated data leakage techniques by state-sponsored hacker groups. Our article analyses this evolution, focusing on Botnet usage for cyber espionage. We present the Botnet architecture in the context of network science research, lifecycle, applied network protocols, and capabilities. Next, we analyze two examples, the APT28 group activities and the VPNFilter Botnet, which demonstrate the real-life cyber espionage capability of this technique.
