Cyber Crime and Cyber Terrorism



Date: 19.05.2022
Cyber crime and cyber terrorism investigators handbook by Babak

232
CHAPTER 17
Responding to cyber crime and cyber terrorism
are expected to be connected to the Internet by 2020. This paradigm is usually referred to as the “Internet of Things”;
• the possibility of malware customization (introduced by the Zeus botnet and its Software Development Kit);
• the presence in the underground/black market of cyber criminals who rent the services and structures that make up these malicious systems.
Botnets are classified in various ways: by overall topology, by the command and control channels through which they are updated and directed, by the development technology used, and by the scope of the services implemented.
Emerging trends show that newer architectures are migrating toward completely distributed topologies (P2P networks) instead of centralized structures, toward mobile implementations of malware, and toward the use of Tor networks and social platforms as techniques for hiding C&C servers. The high sophistication and spread of botnets has led to the emergence of a new criminal business model that can be summarized as “Cybercrime-as-a-Service” (CaaS). This chapter is an essay on botnets (with two use cases included) and related countermeasures.
A BOTNET ROADMAP
The two pieces of malware that introduced the concept of a victim machine connected to a communication channel and listening for malicious commands, opening the so-called botnet era, were “Sub7” and “Pretty Park”, a Trojan and a worm, respectively. Both first emerged in 1999, and botnet innovation has been steady since then (Ferguson, 2010).
During 2002, there were a couple of major developments in botnet technology with the release of both SDBot and Agobot. SDBot was a single small binary, written in C++, marketed by its creator, who also made the source code widely available. As a result, many later bots include code or ideas taken from SDBot. Agobot, instead, introduced the concept of a modular attack. The initial attack installed a “back door”, the second tried to disable the antivirus software and the third blocked access to the websites of security vendors. These two pieces of malware started the huge increase in variants and the expansion of functionality.
Malware authors gradually introduced encryption for ransomware (taking encrypted files hostage), HTTP and SOCKS proxies allowing them to use their victims for onward connections, or FTP servers for storing illegal content.
Botnets steadily migrated away from the original IRC Command & Control channel (the protocol is easily identified in network traffic, and its TCP ports are seldom opened through firewalls) and began to communicate over HTTP, ICMP and SSL ports, often using custom protocols. They also continued the adoption and refinement of peer-to-peer communications, as would be demonstrated 5 years later by another famous botnet known as Conficker.
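The following sketch, an added example that is not part of the handbook, shows why plaintext IRC is so easy to identify in network traffic: the registration commands can be recognized in a reassembled TCP payload whatever port the flow uses. The function names, the set of "standard" ports and the sample payloads are assumptions constructed for illustration.

```python
import re

# IRC client commands seen during registration and channel use (RFC 1459/2812).
IRC_LINE = re.compile(
    rb"^(?::\S+ )?(NICK|USER|PASS|JOIN|PRIVMSG|PING|PONG|MODE) (\S.*)$"
)
STANDARD_IRC_PORTS = {6667}  # assumption: what this site treats as "known IRC"


def irc_commands(payload: bytes) -> list[str]:
    """Return the IRC commands found in a reassembled client-to-server payload."""
    found = []
    for line in payload.split(b"\n"):
        m = IRC_LINE.match(line.rstrip(b"\r"))
        if m:
            found.append(m.group(1).decode("ascii"))
    return found


def classify_flow(dst_port: int, payload: bytes) -> str:
    """Label a flow 'irc', 'irc-nonstandard-port' or 'other'.

    A flow counts as IRC only when it carries the registration pair
    NICK + USER at the start of protocol lines, so words such as 'JOIN'
    inside an HTTP body do not match.
    """
    cmds = set(irc_commands(payload))
    if not {"NICK", "USER"} <= cmds:
        return "other"
    return "irc" if dst_port in STANDARD_IRC_PORTS else "irc-nonstandard-port"


# Constructed sample payloads (not captured traffic).
SAMPLE_IRC = (b"NICK host-4821\r\nUSER host-4821 0 * :host-4821\r\n"
              b"JOIN #example-channel\r\n")
SAMPLE_HTTP = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n\r\n"
               b"comment=JOIN us and pick a NICK today")

if __name__ == "__main__":
    for port, data in [(6667, SAMPLE_IRC), (8080, SAMPLE_IRC), (80, SAMPLE_HTTP)]:
        print(port, classify_flow(port, data), irc_commands(data))
```

Content matching of this kind stops working once the channel is encrypted or replaced by a custom protocol, which is the migration the paragraph above describes.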


