Bots and botnets: An overview of characteristics, detection and challenges

Recently, botnets have become the biggest threat to cyber security and have been used as an infrastructure to carry out nearly every type of cyber attack. They are dynamic and flexible, and the botmasters who control them update the bots and change their code from day to day to evade current detection methods. In this paper, we present an overview of botnets' characteristics along with their malicious activities. We also review the current botnet detection methods and their advantages and disadvantages. Finally, we discuss the new generation of botnets in cloud and mobile environments.
