Whispering Botnet Command and Control Instructions

Botnets are responsible for many large-scale attacks happening on the Internet. Their weak point, which is usually targeted to take down a botnet, is the command and control infrastructure: the foundation for the diffusion of the botmaster's instructions. Hence, botmasters employ stealthy communication methods to remain hidden and retain control of the botnet. Recent research has shown that blockchains can be leveraged for under-the-radar communication with bots; however, these methods incur fees for transaction broadcasting. This paper discusses the use of a novel technology, Whisper, for command and control instruction dissemination. Whisper allows a botmaster to control bots at virtually zero cost, while providing a peer-to-peer communication infrastructure, as well as privacy and encryption as part of its dark communication strategy. It is therefore well suited for bidirectional botnet command and control operations, and for creating a botnet that is very difficult to take down.
