1. Introduction
2. Scale of botnet problem
Botnets are a one of the biggest security issues that exist on the internet today. There are different types of botnets that, depending on the attacker’s particular interests, can target different areas of the internet and also different types of devices. More people are using the internet than ever before as reasons to use the internet expand and become much more accessible to the younger and older generations. Below are examples of different types of botnets and, where applicable, what damage particular botnets have caused in the past.
2.1 Socialbots
Social networking sites are currently the most popular and most accessed websites on the internet. According to Boshmaf et al. these websites have attracted more than a billion active users [1]. This is almost a seventh of the world’s population and attackers want to exploit this for their own personal gains.
Social networking websites are used by people to discuss openly with their “friends” about what they are doing with their day and, essentially, create a portal into their lives that their “friends” can read and comment on. Things like relationship status, date of birth, profile pictures and even pictures of friends and family are things you would typically find here. Attackers can exploit this information in various ways.
A socialbot is actually rather interesting as it doesn’t work in the same way as other bots. The point of a social bot is to appear “real”. As far as anyone
Explains what a botnet is, how it is created, used and the amount or types of data that can be collected over time. The ability to track or monitor many of these botnets by antivirus software is reported to be a very low percentage of known botnets. One of the basic principles is almost a “throw everything at it and see what sticks” mentality in that developers will employ a botnet through embedding it in a quasi-convincing spam message and hoping the reader is dumb enough to click on the link (Mittleman 67.)
Once your computer is among the living dead, it becomes a part of a botnet, or a network of other zombie computers” (par. 2). Botnets are designed in order to gather personal information including passwords, credit card details, social security numbers, addresses, and telephone numbers. These data may then be used for crimes including identity theft, frauds, spamming, and other malware distribution. Drozhzhin also stated, “Once a computer is a bot, it begins accepting commands from a centralized command server” (par. 4). As soon as the device become part of a botnet, they can receive commands to launch attacks on other devices, websites, and networks. This is important to know because in order to launch an effective Distributed Denial of Service (DDoS) attack, a large number of bots are required. The attack is more effective because the more “zombies” recruited, the easier and faster it is for the attacker to constantly transmit requests and malwares to other computers, thus crashing the site. Additionally, multiple bots sending requests from different locations makes the attack tremendously more difficult for antivirus and antispyware to distinguish a malicious request from an actual consumer’s request. The worst part is, it is almost nearly impossible to
Social networking sites give their users an easy way to share information about themselves. However, many users are quickly finding that the information they intend to share with their friends can all too easily find its way into the hands of the authorities, strangers, the press, and the public at large. For example, job recruiters are looking to these sites as well as performing more traditional background
In the social networking arena, users voluntarily divulge personal information online that, prior to the digital age, would have been considered private and restricted. Without careful and fierce examination of information prior to submitting it online, users unwittingly and certainly unwillingly subject themselves to threat of privacy intrusion.
Social networks allow individuals to post personal information, which includes full name, date of birth, addresses, phone numbers, precise locations, emails, and more
Understanding the threat of Cybercrime brought by social networking sites, while the trend of growing popularity of social networking sites seems unstoppable, the government and the social networking companies could perform countermeasure to discontinue the trend of Cybercrime.
Processes involved in the normal operation of a botnet has no comprehensive approach to either the stages encompassing the life cycle, or the lack of compartmentalization between them (see Figure 1, Botnet Life cycle Taxonomy). Apart from normal operations, so far there’s no qualitative analysis on how these stages should be characterized, defined, or distinguished. A proposed botnet life cycle stage starts with conception and ends with reaching the desired malicious intent, i.e. a successful attack and can include DDoS, spam, phishing, or click fraud. Corresponding mechanisms to these stages of the botnet life cycle are typically focused on attempting to hide the botnet (communication processes, location of the bots, and botmaster), some of these methods include IP spoofing, multi-hopping, polymorphism, and fast-flux networks. (Garcıa-Teodoro, Macia-Fernandez, & Rodrıguez-Gomez, 2012). Any defensive approach to overcoming a botnet is dedicated to preventing execution of a particular process in one of the botnet life cycle stages or combine processes in one or more stages. Deterring execution of a single stage in the botnet life cycle can thwart a malicious and devastating outcome. In principle, prevention of hidden mechanisms doesn’t suggest deterrence of the botnet goal, but increases the probability that a botnet will be identified by a defense method.
The social web is a set of social relations that link people through the World Wide Web. Websites have various functions and uses, but the most popular these days, are that of the social realm. Now days, people rarely pick up the phone and call each other. We no longer mail photographs to loved ones with letters attached. If we want to catch up with someone, we don’t write or call, we log on. Viewing someone’s Facebook page, and writing on their wall is the quickest way today to get in touch with someone. With privacy and copyright issues, surfing the social web can be a risky and comes with certain repercussions, but the
Botnets are the networks infected by malware. Over a period of time, these botnets have become a vulnerability to the web. Botnets are created to perform large-scale illicit activities, sometimes even endanger the operation of public and private service organizations across the globe. This paper portrays a complete survey that discusses the botnet problem in-detail. This paper summarizes a list of the important and recurring research problems that remain unsolved.
Due to the variety and richness of user information disclosed in social network services, users may put themselves at high risk which may lead to range of cyber-attacks. Social media network services such as Facebook, Twitter have grown exponentially over the years while the users share unprecedented amount of personal information on the Internet. Ubiquitous use of mobile devices and a latest development in technology and access to social media networks through mobile devices has furthermore increased the privacy breach risks and lack of a protective infrastructure has turned them into convenient targets for different perils. In this paper, we investigate location cheating attacks, the amount of information revealed in social networks and their associated potential attacks. Through this paper, we comprehend possible defending mechanisms.
used [1]. Next, we are going to discuss about the botnet detection techniques and some of the characteristics [2] and also take an overview of some measures which will be helpful to prevent the attack of bots.
Social media has also increased the security threat for citizens. In the past cyber criminals and spammers have attempted to steal information and scam users through spam emails, however, because of the increasing popularity of social media networks, cyber criminals and spammers have been using emails less and
Botnets : Botnets have been described as the “Swiss Army knives of the underground economy” because they are so versatile. Botnets, or “Bot Networks,” can be remotely controlled from the attackers location anywhere in the world. Allowing them to send commands via the Internet to the hundreds or thousands of computers infected with malicious code. As these infected computers are taking “hostage” into actions meant to disrupt or block Internet traffic for the targeted victims, also to harvest information, or to distribute spam, and viruses.
Social networking is a way for people to connect and share information with each other online.
Botnets are emerging as the most significant threat facing online ecosystems and computing assets. They also pose a significant and growing threat against cyber security as they provide distributed platform for many