Botnets: threats and responses

Jeong, Ok‐Ran; Kim, Chulyun; Kim, Won; So, Jungmin

doi:10.1108/17440081111125635

Cited by 11 publications

(6 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Within the variation, the botnet can conduct brute force attacks to access the SSH sessions as exploiting cases where weak passwords have been used [12][13][14]. Botnets can use dictionary-based attacks to be able to gain access to the sessions and allow for the infection to be performed [15]. Feily et al [16] elaborates that botnets are like Trojan-based malware as both botnets and Trojans may penetrate networks via phishing.…”

Section: Infection Methodsmentioning

confidence: 99%

“…Phishing emails commonly present an urgent threat to users, informing them that they only have a certain period to open the link, causing the user to panic and respond, thus executing the malware. Bot-masters are responsible for sending phishing emails that have been weaponized to trigger the botnets [7,15,17]. The phishing emails persuade users to open the infected attachments.…”

Section: Infection Methodsmentioning

confidence: 99%

“…The phishing emails persuade users to open the infected attachments. Jeong et al [15] discusses hyperlinked attachments, where users would unknowingly click on a hyperlink, causing the botnet malware to be downloaded by the unsuspecting user. Jeong et al [15] also state that the hyperlinks may take victim users to phishing websites, which trick users into downloading the botnet malware unwittingly.…”

Section: Infection Methodsmentioning

confidence: 99%

“…Jeong et al [15] discusses hyperlinked attachments, where users would unknowingly click on a hyperlink, causing the botnet malware to be downloaded by the unsuspecting user. Jeong et al [15] also state that the hyperlinks may take victim users to phishing websites, which trick users into downloading the botnet malware unwittingly. Khonji et al [18] further justifies [15] and states that download links within emails may be classified as a "Man in the Browser (MITB)" cyber-attacks, which, according to [19], are like Man-In-The-Middle attacks.…”

Section: Infection Methodsmentioning

confidence: 99%

“…Jeong et al [15] also state that the hyperlinks may take victim users to phishing websites, which trick users into downloading the botnet malware unwittingly. Khonji et al [18] further justifies [15] and states that download links within emails may be classified as a "Man in the Browser (MITB)" cyber-attacks, which, according to [19], are like Man-In-The-Middle attacks. However, in MITB attacks, the attack exists within the Hypertext Transfer Protocol (HTTP) or the Hypertext Transfer Protocol Secure (HTTPS).…”

Section: Infection Methodsmentioning

confidence: 99%

See 4 more Smart Citations

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

Owen

Zarrin

Pour

2022

JCP

View full text Add to dashboard Cite

Botnets have become increasingly common and progressively dangerous to both business and domestic networks alike. Due to the Covid-19 pandemic, a large quantity of the population has been performing corporate activities from their homes. This leads to speculation that most computer users and employees working remotely do not have proper defences against botnets, resulting in botnet infection propagating to other devices connected to the target network. Consequently, not only did botnet infection occur within the target user’s machine but also neighbouring devices. The focus of this paper is to review and investigate current state of the art and research works for both methods of infection, such as how a botnet could penetrate a system or network directly or indirectly, and standard detection strategies that had been used in the past. Furthermore, we investigate the capabilities of Artificial Intelligence (AI) to create innovative approaches for botnet detection to enable making predictions as to whether there are botnets present within a network. The paper also discusses methods that threat-actors may be used to infect target devices with botnet code. Machine learning algorithms are examined to determine how they may be used to assist AI-based detection and what advantages and disadvantages they would have to compare the most suitable algorithm businesses could use. Finally, current botnet prevention and countermeasures are discussed to determine how botnets can be prevented from corporate and domestic networks and ensure that future attacks can be prevented.

show abstract

Section: Infection Methodsmentioning

confidence: 99%

Section: Infection Methodsmentioning

confidence: 99%

Section: Infection Methodsmentioning

confidence: 99%

Section: Infection Methodsmentioning

confidence: 99%

Section: Infection Methodsmentioning

confidence: 99%

See 3 more Smart Citations

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

Owen

Zarrin

Pour

2022

JCP

View full text Add to dashboard Cite

show abstract

Multi Tree View of Complex Attack – Stuxnet

Mishra

Kant

Yadav

2012

Advances in Computing and Information Technology

View full text Add to dashboard Cite

Breaking botnets: A quantitative analysis of individual, technical, isolationist, and multilateral approaches to cybersecurity

Haner

Knake

2021

Journal of Cybersecurity

View full text Add to dashboard Cite

Malicious networks of botnets continue to grow in strength as millions of new users and devices connect to the internet each day, many becoming unsuspectingly complicit in cyber-attacks or unwitting accomplices to cybercrimes. Both states and nonstate actors use botnets to surreptitiously control the combined computing power of infected devices to engage in espionage, hacking, and to carry out distributed denial of service attacks to disable internet-connected targets from businesses and banks to power grids and electronic voting systems. Although cybersecurity professionals have established a variety of best practices to fight botnets, many important questions remain concerning why levels of botnet infections differ sharply from country to country, as relatively little empirical testing has been done to establish which policies and approaches to cybersecurity are actually the most effective. Using newly available time-series data on botnets, this article outlines and tests the conventionally held beliefs and cybersecurity strategies at every level—individual, technical, isolationist, and multilateral. This study finds that wealthier countries are more vulnerable than less wealthy countries; that technical solutions, including patching software, preventing spoofing, and securing servers, consistently outperform attempts to educate citizens about cybersecurity; and that countries which favor digital isolation and restrictions on internet freedom are not actually better protected than those who embrace digital freedom and multilateral approaches to cybersecurity. This latter finding is of particular importance as China’s attempts to fundamentally reshape the internet via the “Digital Silk Road” component of the Belt and Road Initiative will actually end up making both China and the world less secure. Due to the interconnected nature of threats in cyberspace, states should instead embrace multilateral, technical solutions to better govern this global common and increase cybersecurity around the world.

show abstract

Botnets: threats and responses

Cited by 11 publications

References 16 publications

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

Multi Tree View of Complex Attack – Stuxnet

Breaking botnets: A quantitative analysis of individual, technical, isolationist, and multilateral approaches to cybersecurity

Contact Info

Product

Resources

About