Botnets by Heli Tiirmaa-Klaar Jan Gassen Elmar Gerhards-Padilla & Peter Martini
Author:Heli Tiirmaa-Klaar, Jan Gassen, Elmar Gerhards-Padilla & Peter Martini
Language: eng
Format: epub
Publisher: Springer London, London
2.2 Botnets
Botnets consist of a particular kind of malware, the so-called bots or drones. These drones combine malicious functionalities of other malware classes into one general-purpose weapon for cyber attackers. Since bots are able to perform a multitude of malicious activities on demand, they are rather unpredictable. In contrast to other malware, botnets are extremely flexible and are able to dynamically react on external events, which makes them particularly dangerous. Botnets can be used for example to extract valuable information from large amounts of infected systems simultaneously or to perform other malicious activities as described in Sect. 2.2.1. The decisive factor that separates a bot from other kinds of malware is, however, not the utilized spreading routine or malicious functionality but the hidden communication channel. This communication channel allows individual bots to communicate with each other and their operator. In this context, the operator of a botnet is commonly referred to as botmaster or botherder. The term botnet is used to describe an entire network of bots, which share a common communication channel.
The communication channel between the botmaster and the individual bots is used to transmit data from the infected machines to the botmaster, as well as to send commands from the botmaster to the individual bots. In contrast to other kinds of malware, botnets actually require commands from the botmaster in order to perform malicious activities. The different bots can then process the received commands automatically. Therefore, every bot supports a fixed set of predefined tasks that can be executed on demand. To overcome the shortcoming of a fixed and limited instruction set, many current botnets support update commands. By using this command, existing bots can be easily replaced by a new version with an extended instruction set. This feature not only enables bots to perform almost arbitrary tasks on the infected machines, but also offers the opportunity to perform maintenance updates. The update functionality can be utilized for example to perform bug fixes or to protect the botnet from individual takeover attempts.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7810)
Grails in Action by Glen Smith Peter Ledbrook(7719)
Azure Containers Explained by Wesley Haakman & Richard Hooper(6838)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(6837)
Running Windows Containers on AWS by Marcio Morales(6364)
Kotlin in Action by Dmitry Jemerov(5092)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(5069)
Combating Crime on the Dark Web by Nearchos Nearchou(4647)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4613)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4437)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4335)
The Age of Surveillance Capitalism by Shoshana Zuboff(3979)
Python for Security and Networking - Third Edition by José Manuel Ortega(3895)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3554)
Learn Wireshark by Lisa Bock(3529)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3528)
Mastering Python for Networking and Security by José Manuel Ortega(3376)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3355)
Blockchain Basics by Daniel Drescher(3325)
