Botnet Analysis: A Literature Review

Added on 2020/05/28

Running head: LITERATURE REVIEW: BOTNET
LITERATURE REVIEW: BOTNET
Name of the student
Name of the University
Author Note
A botnet is an interconnected group of computers that have been compromised by unauthorised users for malicious purposes. Some of the research work done on botnets is reviewed in the following sections. The review of each article concludes with its most prominent strengths and limitations.
Tor’s abusive use by Botnet:
Hopper (2014) defines the Tor network as follows: “The Tor network provides a mechanism for clients to anonymously provide services (e.g., websites) that can be accessed by other users through Tor” [5]. The paper discusses the threat that botnets pose to Tor hidden services. The author suggests that the consumption of the relays’ collective computing resources by botnet nodes can be controlled by throttling. The author recommends the use of CAPTCHAs to verify human effort when a hidden service is accessed, and the implementation of rate limits at guard nodes for individual clients. The paper offers deep insight into methods for protecting the Tor network from botnet abuse, though it lacks a detailed and more reliable approach.
Citadel Botnet evaluation:
Rahimian et al. (2014) attempt to reverse engineer the Citadel botnet to gain insight into its functionality and structure [1]. The authors divide their objectives into three categories: a comparative analysis of Citadel and the Zeus malware, an evaluation of the open-source components adopted by Citadel, and finally the acceleration of reverse engineering. Their methodology combines dynamic and static analysis of the malware code with a clone-based method. The authors conclude that adopting their method can help to identify the most suitable scenario for analysing malware that exists in the real world. The paper does good work at evaluating the malware structure, though it lacks a clear conception of how the proposed methodology could be implemented in a firewall against the same malware.
Equipping correlational malicious behaviour for Botnet detection:
Yin et al. (2013) provide a clear explanation of botnet malware and how effective it is [2]. They also offer insight into P2P botnets and the complexity associated with detecting them. The vulnerability of systems to malicious attacks is also reviewed excellently. The authors evaluate both host-based and network-based detection methods. The paper provides an excellent understanding of botnet malware and of the methods adopted for detection, but it lacks a clear statement of purpose. The paper also lacks a conclusion, which leaves it incomplete.
DDoS attack based on Botnet:
Alomari et al. (2012) claim that botnet-based DDoS (Distributed Denial of Service) is the most problematic network security threat of the current cyber era [4]. The article discusses the architecture of the attack model and its tools. A classification of the attacks is also presented, along with real-world examples. The article’s strength lies in the deep insight it offers into the threats posed by these attacks, supported by proper real-world examples. However, its lack of practical understanding and its dependence on theoretical concepts can be considered its greatest weakness.
Social Botnet evaluation:
Boshmaf et al. (2013) developed a prototype Socialbot Network (SbN), based on the traditional web-based botnet, to determine the vulnerability of online social networks (OSNs) [6]. The SbN was built from three components: the botmaster, the socialbots and the Command & Control (C&C) channel. The construction of the SbN is described in the article, which opens further scope for research on the subject. The authors also took care to avoid ethical issues in developing the prototype, and hence offer complete research. The article proves to be an excellent work on the selected topic, as it provides complete details of the assessment carried out and leaves room for future research.
Traffic behaviour analysis based botnet detection:
Zhao et al. (2013) propose a new method for botnet detection based on traffic behaviour analysis [3]. The article adopts practical and experimental methods to support its objective, that botnet activity can be detected with higher accuracy. Different detection components, namely detector implementation, novel botnet detection and its sub-categories, are used to develop the conclusive detection model. The approach taken to prove the point under consideration is efficient and quite accurate. The only thing the paper lacks is a clear explanation of the proposed model.
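To make the idea of traffic-behaviour detection concrete, the following is an added example (not code from Zhao et al. or from this review) that groups constructed flow records per source host into fixed time windows and flags windows whose flows have near-constant inter-arrival times and sizes, the kind of beacon-like pattern a C&C check-in produces. The window length, thresholds and flow records are all assumptions for illustration.

```python
"""Toy flow-interval detector (added example, not the reviewed paper's method)."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (start_time_s, src, dst, dst_port, bytes).
# 10.0.0.5 checks in every 60 s with almost identical sizes; 10.0.0.7 browses normally.
FLOWS = [
    (0, "10.0.0.5", "203.0.113.9", 443, 512),
    (60, "10.0.0.5", "203.0.113.9", 443, 514),
    (120, "10.0.0.5", "203.0.113.9", 443, 510),
    (180, "10.0.0.5", "203.0.113.9", 443, 512),
    (240, "10.0.0.5", "203.0.113.9", 443, 516),
    (3, "10.0.0.7", "198.51.100.2", 443, 4000),
    (17, "10.0.0.7", "198.51.100.3", 80, 120000),
    (95, "10.0.0.7", "198.51.100.2", 443, 850),
    (210, "10.0.0.7", "198.51.100.4", 443, 30000),
]


def window_features(flows, window_s=300):
    """Group flows per (src, window index) and compute per-window statistics.

    gap_cv / size_cv are coefficients of variation (stdev / mean) of the
    inter-arrival gaps and of the flow sizes; values near 0 mean regularity.
    """
    groups = defaultdict(list)
    for t, src, dst, port, nbytes in flows:
        groups[(src, t // window_s)].append((t, dst, port, nbytes))
    feats = {}
    for key, fl in groups.items():
        fl.sort()
        times = [f[0] for f in fl]
        gaps = [b - a for a, b in zip(times, times[1:])]
        sizes = [f[3] for f in fl]
        feats[key] = {
            "flows": len(fl),
            "distinct_dst": len({(f[1], f[2]) for f in fl}),
            # need at least two gaps for a meaningful regularity measure
            "gap_cv": pstdev(gaps) / mean(gaps) if len(gaps) > 1 and mean(gaps) > 0 else None,
            "size_cv": pstdev(sizes) / mean(sizes) if mean(sizes) > 0 else None,
        }
    return feats


def beacon_like(feats, min_flows=4, max_gap_cv=0.1, max_size_cv=0.1):
    """Return (src, window) keys whose flows look like periodic check-ins."""
    return sorted(key for key, f in feats.items()
                  if f["flows"] >= min_flows and f["gap_cv"] is not None
                  and f["gap_cv"] <= max_gap_cv and f["size_cv"] <= max_size_cv)


if __name__ == "__main__":
    print(beacon_like(window_features(FLOWS)))  # → [('10.0.0.5', 0)]
```

Real deployments would feed NetFlow/IPFIX records into the same per-window feature step and tune the thresholds against known-benign traffic before acting on a flag.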

References:
[1] A. Rahimian, R. Ziarati, S. Preda and M. Debbabi, "On the Reverse Engineering of the Citadel Botnet", Montreal, Canada, 2014.
[2] C. Yin, M. Zou, D. Iko and J. Wang, "Botnet Detection Based on Correlation of Malicious Behaviors", International Journal of Hybrid Information Technology, vol. 6, no. 6, pp. 291-300, 2013.
[3] D. Zhao, I. Traore, B. Sayed, W. Lu, S. Saad, A. Ghorbani and D. Garant, "Botnet detection based on traffic behavior analysis and flow intervals", Computers & Security, vol. 39, pp. 2-16, 2013.
[4] E. Alomari, S. Manickam, B. B. Gupta, S. Karuppayah and R. Alfaris, "Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art", International Journal of Computer Applications, vol. 49, no. 7, pp. 24-32, 2012.
[5] N. Hopper, "Short Paper: Challenges in protecting Tor hidden services from botnet abuse", 2014.
[6] Y. Boshmaf, I. Muslukhov, K. Beznosov and M. Ripeanu, "Design and analysis of a social botnet", Computer Networks, vol. 57, no. 2, pp. 556-578, 2013.