学位论文详细信息
Framework for botnet emulation and analysis
Simulation;Simulators;Emulation;Spam;DDoS;Information security;Botnets;Network security
Lee, Christopher Patrick ; Electrical and Computer Engineering
University:Georgia Institute of Technology
Department:Electrical and Computer Engineering
关键词: Simulation;    Simulators;    Emulation;    Spam;    DDoS;    Information security;    Botnets;    Network security;   
Others  :  https://smartech.gatech.edu/bitstream/1853/28191/1/lee_christopher_p_200905_phd.pdf
美国|英语
来源: SMARTech Repository
PDF
【 摘 要 】

Criminals use the anonymity and pervasiveness of the Internet to commit fraud, extortion, and theft.Botnets are used as the primary tool for this criminal activity.Botnets allow criminals to accumulate and covertly control multiple Internet-connected computers.They use this network of controlled computers to flood networks with traffic from multiple sources, send spam, spread infection, spy on users, commit click fraud, run adware, and host phishing sites.This presents serious privacy risks and financial burdens to businesses and individuals.Furthermore, all indicators show that the problem is worsening because the research and development cycle of the criminal industry is faster than that of security research.To enable researchers to measure botnet connection models and counter-measures, a flexible, rapidly augmentable framework for creating test botnets is provided.This botnet framework, written in the Ruby language, enables researchers to run a botnet on a closed network and to rapidly implement new communication, spreading, control, and attack mechanisms for study.This is a significant improvement over augmenting C++ code-bases for the most popular botnets, Agobot and SDBot.Rubot allows researchers to implement new threats and their corresponding defenses before the criminal industry can.The Rubot experiment framework includes models for some of the latest trends in botnet operation such as peer-to-peer based control, fast-flux DNS, and periodic updates.Our approach implements the key network features from existing botnets and provides the required infrastructure to run the botnet in a closed environment.

【 预 览 】
附件列表
Files Size Format View
Framework for botnet emulation and analysis 1653KB PDF download
  文献评价指标  
  下载次数:72次 浏览次数:47次