The use of botnets

Chapter 2

Botnet Attacks

The use of botnets has increased from a simple flooding attack to a mixed, complicated and propagated attack used for different malicious intents. Although they mostly use for shutting down servers (DDoS attacks) and theft identifying but they can utilized for more. The categorization according to Paul Bcher et al [3] is as follows:

Distributed Denial-of-Service (DDoS)

Denial-of-Service attacks launch from multiple hosts, attackers can consume the available bandwidth on a victim's network or overwhelm the victim's possessing power. All bot agent programs are capable of launching a variety of DDoS attacks. The most common types of attacks launched are TCP SYN and UDP flood attacks. DDoS attacks are launched for retribution, extortion, or merely as a show of the attacker's power. Virtually any service running on the internet may be a target of such an attack. Script kiddies apparently consider DDoS an appropriate solution to every social problem. An attacker can use this DDoS against a site to illicit payments for protection from further DDoS attacks from the victim. Extortion is an easy way for a Botmaster to make some extra money.

Spamming

Bots can be programmed and used to send a huge amount of emails and spam. The geography spread and more than thousands bots and infected machines guarantee the anonymity of spammers.

Sniffing Traffic

Infected machines by bots can put in sniffed by these malware codes. A bot can be configured to monitor a network interface card and look to all data and traffic that goes to or from it and simply find critical information such as credit cards numbers or username and password. This information later can be sent to bot master by email or ftp and used for illegal purposes.

Key logging

Monitoring and recording key storks is called key logging. In this mode instead of monitoring network card in fact bot is configured to sniff key board. The most significant gain of this method is bypassing encryption and coding algorithms that used to encrypts data for a secure communication. The bot directly records and sends information to commander and he/she deduced sensitive data from it.

For example most likely is 16 digits number entered in a online store web site is a credit card number.

Spreading of new Malware

Bots have the capability to download and execute updates or additional features. This help bot master to change the structure of code to avoiding of detection by antivirus and inject new worms and viruses to infected machines.

Installing Advertisement and BROWSER OBJECTS

Botnets can make money from advertisement websites too. There are some companies that offer a pay per click ad like Google in its Google Ad Sense program. In this situation bot network is used to provide many of clicks on ads with different IP address on compromised machines that completely seems legitimate. Here the legitimate company will pay bot master without knowing that all clicks were faked.

Google Ad Sense Abuse

This is like above part that targeted Google ad sense program specifically.

Attacking IRC Chat Networks

Botnets originally were developed to control IRC channels. They are still are used to attack and bring down IRC channels yet. Here thousands of bots try to join a channel and send service requests and cause to bring down IRC network.

Manipulating polls

Like advertisement clicking botnets can used to manipulate online polls. Because each infected machine has a unique IP address it is a suitable tools for votes. Bot master commands all bots to send his desired votes.

Mass Identity Theft

Bots can be configured and used to identity theft. Through phishing emails or websites that run by bots on compromised machine a bot can capture account information like user name and password and sent them to Botmaster.

Distributed Computing

A network of compromised machines by bots can form a huge computing power. This processing power later can be used to cracking or decrypting password or hashed messages. For example a brute force attack needs processing power to test all of possible situation of a hashed message.

Please be aware that the free essay that you were just reading was not written by us. This essay, and all of the others available to view on the website, were provided to us by students in exchange for services that we offer. This relationship helps our students to get an even better deal while also contributing to the biggest free essay resource in the UK!