Friday, August 26, 2011

Cyber Threats report 2009: Emerging threats for…all data-driven! (2)


Emerging threats for…all data-driven!

BOTNETS

Most botnet command and control sites are also traced back to China [2]. But Lee cautions that this statistic could be misinterpreted since "a good deal of Chinese are using pirated software program which doesn't receive security updates."

According to Lee, "That means numerous Chinese computers are rife with vulnerabilities, making them a haven for botnet command and control sites."
Botnets en masse are considered a bot army, and these malicious computing forces could be used to conduct cyber warfare in the future.

In addition, bot payloads are becoming increasingly complex to avoid evolving security measures.
According to Lee's research at GTISC, several recent bot variants have exhibited more than 100 distinct binary payloads used to hide the communications path and to vary the command and control IP address. The net effect makes botnets and bot masters harder to track.

However, new technologies can pinpoint the Internet communications among botnets and bot masters and shut down the vital links required for cyber crime and cyber warfare. Signature-based defenses like antivirus and intrusion detection are no match for the subtle communications between bot and bot master.
But newer behavior analysis approaches can help identify bots without signatures.

Lee's research team at GTISC is developing algorithms to analyze traffic patterns from internal machines to outside machines. Strange anomalies in connection duration, time of day, or type of information uploaded/downloaded can indicate a botnet command and control attempt. Lee's research also examines how botnets use the internet infrastructure.
For example, look-up requests to DNS servers may provide information on which domain is used for botnet communications. In addition, global sensor networks are now using specialized algorithms to pinpoint bot army communications.
Once the command and control links are observed and disrupted, the bot army threat can be neutralized as long as layered security is already in place.
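
The kind of per-host behavior check described above, as an added example (not from the report and not GTISC's algorithm): it baselines each internal machine's outbound flows and flags departures in connection duration, time of day, and upload share. The flow tuple layout, the thresholds, and the sample records are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

def mad_score(value, sample, floor):
    """Robust z-score: distance from the median in units of scaled MAD."""
    med = median(sample)
    mad = max(median(abs(x - med) for x in sample), floor)  # floor guards flat data
    return abs(value - med) / (1.4826 * mad)

def build_baseline(flows):
    """Per internal host: past durations, hour-of-day counts, upload share of bytes."""
    base = defaultdict(lambda: {"dur": [], "hours": Counter(), "share": []})
    for host, _dst, hour, dur, up, down in flows:
        b = base[host]
        b["dur"].append(dur)
        b["hours"][hour] += 1
        b["share"].append(up / (up + down + 1))
    return dict(base)

def score_flow(flow, base, z_limit=6.0, rare_hour=0.02, min_history=10):
    """Return the features on which one outbound flow departs from its host's baseline."""
    host, _dst, hour, dur, up, down = flow
    b = base.get(host)
    if b is None or len(b["dur"]) < min_history:
        return ["no-baseline"]  # too little history to judge; surface it instead of guessing
    reasons = []
    if mad_score(dur, b["dur"], floor=1.0) > z_limit:
        reasons.append("duration")
    if b["hours"][hour] / len(b["dur"]) < rare_hour:
        reasons.append("time-of-day")
    if mad_score(up / (up + down + 1), b["share"], floor=0.01) > z_limit:
        reasons.append("upload-share")
    return reasons

# Constructed sample data (documentation IP ranges): 40 office-hours flows from one host.
# Fields: internal host, external IP, hour of day, duration (s), bytes up, bytes down.
HISTORY = [("10.0.0.5", "198.51.100.7", 9 + i % 8, 20 + (i * 7) % 15, 1500 + 40 * i, 60000 + 900 * i)
           for i in range(40)]
NEW_FLOWS = [
    ("10.0.0.5", "198.51.100.7", 11, 30, 2000, 70000),      # ordinary office-hours flow
    ("10.0.0.5", "203.0.113.9", 3, 3600, 5_000_000, 2000),  # long, 03:00, upload-heavy
    ("10.0.0.99", "203.0.113.9", 14, 25, 1800, 65000),      # host with no history
]

if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    for flow in NEW_FLOWS:
        print(flow[0], "->", flow[1], score_flow(flow, baseline) or "ok")
```

A flagged flow is a lead for investigation, not a verdict: backups, software updates, and night-shift users produce the same departures, so the output is best triaged alongside other evidence.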