Propagation Phenomena in Real World Networks by Dariusz Król Damien Fay & Bogdan Gabryś

Author:Dariusz Król, Damien Fay & Bogdan Gabryś
Language: eng
Format: epub
Publisher: Springer International Publishing, Cham

8.2.3 Stage Three: Standing by for Instructions

Once a botnet is built up, all bots in the botnet are standing by for instructions from their botmaster to perform illicit activities or updates. Therefore C&C mechanism is very important and is the major part of a botnet design. It directly determines the communication topology of a botnet, and hence affects the robustness of a botnet against network/computer failures, or security monitoring and mitigation.

The C&C mechanisms can be categorized as either pull or push mechanism. Pull mechanism, i.e., “command publishing/subscribing”, refers to the manner that bots retrieve commands actively from a place where botmasters publish commands. On the contrary, push mechanism, i.e., “command forwarding”, means bots passively wait for commands to reach them and then forward received commands to others.

For centralized botnets, pull mechanism is commonly used. Take HTTP-based botnets as an example, a botmaster publishes commands on a web page, and bots periodically visit this web page via HTTP to check for any command updates. In the following, we will discuss how pull and push C&C mechanisms can be applied in P2P botnets.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.