This presentation explores the threat of botnets and the different types of bots used, focusing on the Mosquito Breeding Attack which combines both centralized and peer-to-peer architectures. The simulation demonstrates the bot conversion process and the advantages of this hybrid approach.
MOSQUITO BREEDING ATTACK: Spread of bots using Peer To Peer
INSTRUCTOR: Dr. Cliff Zou
PRESENTED BY: BHARAT SOUNDARARAJAN & AMIT SHRIVATSAVA
INTRODUCTION
• Major threat to the security of the Internet
• A botnet is a collection of compromised computers under the control of a single identity known as the bot controller
• Botnets use vulnerabilities, like other malware, to infect other machines in the network
• Different types of bots: Agobot, Sdbot, Spybot, GTbot
HOW BOTNETS WORK
• A botnet operator sends out a worm, continuously infecting ordinary users
• The bot on the infected PC logs into a web server called the Command & Control (C&C) server
• The botnet operator sends instructions via the server to the infected PCs
• Used as a platform for DDoS and spam attacks
Different types of Bot communication
• Centralized communication: a group of bots connected to a C&C server
Weaknesses:
• They can be easier to detect because many clients connect to the same point
• Discovery of the central location can compromise the whole system
[Figure: Centralized Botnet (botmaster, C&C servers, bots)]
Hybrid P2P Botnet
• Decentralized communication: each bot is connected to its peer list; only servent bots are in the peer list
• Weaknesses: even though defenders may not be able to capture a botnet sensor before its botmaster destroys the sensor (after completing the botmaster's monitoring task), they could still use the captured traffic log to figure out the IP addresses of potential bots that contacted the sensor in the past
[Figure: Hybrid P2P Botnet (servent bots, client bots)]
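Both weaknesses named above (many clients of a centralized botnet connecting to the same point, and a captured traffic log revealing the IP addresses that contacted a sensor) can be checked from flow records. The following Python is an added example, not code from the presentation; the log format, the addresses (documentation ranges), the sensor address and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records (assumed format): "epoch_seconds src_ip dst_ip dst_port".
SAMPLE_LOG = """\
1000 198.51.100.7 192.0.2.10 6667
1012 198.51.100.8 192.0.2.10 6667
1030 198.51.100.9 192.0.2.10 6667
1100 198.51.100.7 203.0.113.50 4444
1160 198.51.100.8 203.0.113.50 4444
1200 198.51.100.7 203.0.113.50 4444
garbage line here
1300 198.51.100.9 not-an-ip 80
"""
SENSOR_IP = "203.0.113.50"  # hypothetical address of the captured sensor

def parse_flows(text):
    """Return (ts, src, dst, port) tuples, skipping malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts, port = int(parts[0]), int(parts[3])
            src = str(ipaddress.ip_address(parts[1]))
            dst = str(ipaddress.ip_address(parts[2]))
        except ValueError:
            continue  # non-numeric field or invalid IP address
        flows.append((ts, src, dst, port))
    return flows

def sensor_contacts(flows, sensor_ip):
    """Map each source that contacted the sensor to [first_seen, last_seen, count]."""
    seen = {}
    for ts, src, dst, _ in flows:
        if dst != sensor_ip:
            continue
        rec = seen.setdefault(src, [ts, ts, 0])
        rec[0], rec[1], rec[2] = min(rec[0], ts), max(rec[1], ts), rec[2] + 1
    return seen

def high_fan_in(flows, min_sources):
    """Destinations contacted by at least min_sources distinct sources."""
    sources = defaultdict(set)
    for _, src, dst, _ in flows:
        sources[dst].add(src)
    return {d: sorted(s) for d, s in sources.items() if len(s) >= min_sources}

if __name__ == "__main__":
    flows = parse_flows(SAMPLE_LOG)
    print(sensor_contacts(flows, SENSOR_IP))
    print(high_fan_in(flows, 3))
```

The fan-in threshold is a tuning choice: popular legitimate services also attract many distinct sources, so the result is a list of candidates to investigate rather than a verdict.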
Mosquito Breeding Attack
• New attack using both peer-to-peer architecture and centralized architecture
• Centralized bots will generate many P2P bots inside the Internet
• These P2P bots will start a separate network and get new peers for their new network
[Figure: Mosquito Breeding Attack (C&C, bots)]
SIMULATION
• Platform: Windows/Linux
• Tools: Eclipse
• Source Code: Java/Applet
• File: Random.java
Algorithm
• Step 1: Simulate arbitrary servers/attackers
• Step 2: Simulate a random number of clients (bots)
• Step 3: Generate botnet attacks from the attackers to the clients
• Step 4: The server loads the code into any randomly chosen client
• Step 5: The client in turn becomes the server
• Step 6: The new bot continues breeding the code among the new clients
Bot Conversion Model
• Bots that get converted from client to server are identified
• The time taken for each bot to change from client to server is calculated
• A graph is drawn with bots on the X-axis and time taken for conversion on the Y-axis
[Figure: Botnet Conversion Study. X-axis: number of bots converted from clients to servers; Y-axis: conversion time in seconds]
ADVANTAGES
• Overcomes the problem of the C&C center in a botnet
• Capturing one C&C doesn't affect the architecture
• It works independently
• More robust and more probing
CONCLUSION
• This shows how bots may work in the future
• We have shown by simulation how the attack propagates
• We have also shown the conversion time of bots into C&C servers