Kavisankar Leelasankar, C. Chellappan, P. Sivasankar
{"title":"Successful Computer Forensics Analysis on the Cyber Attack Botnet","authors":"Kavisankar Leelasankar, C. Chellappan, P. Sivasankar","doi":"10.4018/978-1-5225-4100-4.CH014","DOIUrl":null,"url":null,"abstract":"The success of computer forensics lies in the complete analysis of the evidence that is available. This is done by not only analyzing the evidence which is available but also searching for new concrete evidence. The evidence is obtained through the logs of the data during the cyberattack. When performing analysis of the cyberattack especially the botnet attacks, there are many challenges. First and the foremost is that it hides the identity of the mastermind, the botmaster. It issues the command to be executed using its subordinate, the command and control (C&C). The traceback of C&C itself is a complex task. Secondly, it victimizes the innocent compromised device zombies. This chapter discusses the analysis done in both proactive and reactive ways to resolve these challenges. The chapter ends by discussing the analysis to find the real mastermind to protect the innocent compromised system and to protect the victim system/organization affected by the botnet cyberattack.","PeriodicalId":417372,"journal":{"name":"Research Anthology on Combating Denial-of-Service Attacks","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Research Anthology on Combating Denial-of-Service Attacks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/978-1-5225-4100-4.CH014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The success of computer forensics lies in the complete analysis of the evidence that is available. This is done by not only analyzing the evidence which is available but also searching for new concrete evidence. The evidence is obtained through the logs of the data during the cyberattack. When performing analysis of the cyberattack especially the botnet attacks, there are many challenges. First and the foremost is that it hides the identity of the mastermind, the botmaster. It issues the command to be executed using its subordinate, the command and control (C&C). The traceback of C&C itself is a complex task. Secondly, it victimizes the innocent compromised device zombies. This chapter discusses the analysis done in both proactive and reactive ways to resolve these challenges. The chapter ends by discussing the analysis to find the real mastermind to protect the innocent compromised system and to protect the victim system/organization affected by the botnet cyberattack.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
