Botnets Unveiled: A Comprehensive Survey on Evolving Threats and Defense Strategies

IF 2.5 4区 计算机科学 Q3 TELECOMMUNICATIONS Transactions on Emerging Telecommunications Technologies Pub Date : 2024-10-20 DOI:10.1002/ett.5056
Mehdi Asadi, Mohammad Ali Jabraeil Jamali, Arash Heidari, Nima Jafari Navimipour
{"title":"Botnets Unveiled: A Comprehensive Survey on Evolving Threats and Defense Strategies","authors":"Mehdi Asadi,&nbsp;Mohammad Ali Jabraeil Jamali,&nbsp;Arash Heidari,&nbsp;Nima Jafari Navimipour","doi":"10.1002/ett.5056","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Botnets have emerged as a significant internet security threat, comprising networks of compromised computers under the control of command and control (C&amp;C) servers. These malevolent entities enable a range of malicious activities, from denial of service (DoS) attacks to spam distribution and phishing. Each bot operates as a malicious binary code on vulnerable hosts, granting remote control to attackers who can harness the combined processing power of these compromised hosts for synchronized, highly destructive attacks while maintaining anonymity. This survey explores botnets and their evolution, covering aspects such as their life cycles, C&amp;C models, botnet communication protocols, detection methods, the unique environments botnets operate in, and strategies to evade detection tools. It analyzes research challenges and future directions related to botnets, with a particular focus on evasion and detection techniques, including methods like encryption and the use of covert channels for detection and the reinforcement of botnets. By reviewing existing research, the survey provides a comprehensive overview of botnets, from their origins to their evolving tactics, and evaluates how botnets evade detection and how to counteract their activities. Its primary goal is to inform the research community about the changing landscape of botnets and the challenges in combating these threats, offering guidance on addressing security concerns effectively through the highlighting of evasion and detection methods. The survey concludes by presenting future research directions, including using encryption and covert channels for detection and strategies to strengthen botnets. This aims to guide researchers in developing more robust security measures to combat botnets effectively.</p>\n </div>","PeriodicalId":23282,"journal":{"name":"Transactions on Emerging Telecommunications Technologies","volume":"35 11","pages":""},"PeriodicalIF":2.5000,"publicationDate":"2024-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Transactions on Emerging Telecommunications Technologies","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/ett.5056","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
引用次数: 0

Abstract

Botnets have emerged as a significant internet security threat, comprising networks of compromised computers under the control of command and control (C&C) servers. These malevolent entities enable a range of malicious activities, from denial of service (DoS) attacks to spam distribution and phishing. Each bot operates as a malicious binary code on vulnerable hosts, granting remote control to attackers who can harness the combined processing power of these compromised hosts for synchronized, highly destructive attacks while maintaining anonymity. This survey explores botnets and their evolution, covering aspects such as their life cycles, C&C models, botnet communication protocols, detection methods, the unique environments botnets operate in, and strategies to evade detection tools. It analyzes research challenges and future directions related to botnets, with a particular focus on evasion and detection techniques, including methods like encryption and the use of covert channels for detection and the reinforcement of botnets. By reviewing existing research, the survey provides a comprehensive overview of botnets, from their origins to their evolving tactics, and evaluates how botnets evade detection and how to counteract their activities. Its primary goal is to inform the research community about the changing landscape of botnets and the challenges in combating these threats, offering guidance on addressing security concerns effectively through the highlighting of evasion and detection methods. The survey concludes by presenting future research directions, including using encryption and covert channels for detection and strategies to strengthen botnets. This aims to guide researchers in developing more robust security measures to combat botnets effectively.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
揭开僵尸网络的面纱:关于不断演变的威胁和防御策略的全面调查
僵尸网络已成为一种重大的互联网安全威胁,它由指挥与控制(C&C)服务器控制下的被入侵计算机网络组成。这些恶意实体可以实施一系列恶意活动,从拒绝服务(DoS)攻击到垃圾邮件分发和网络钓鱼。每个僵尸在易受攻击的主机上作为恶意二进制代码运行,向攻击者授予远程控制权,攻击者可以利用这些受攻击主机的综合处理能力,在保持匿名的情况下进行同步的高破坏性攻击。本调查探讨了僵尸网络及其演变,涉及僵尸网络的生命周期、C&C 模型、僵尸网络通信协议、检测方法、僵尸网络运行的独特环境以及躲避检测工具的策略等方面。它分析了与僵尸网络有关的研究挑战和未来方向,特别关注规避和检测技术,包括加密和使用隐蔽渠道进行检测和强化僵尸网络等方法。通过回顾现有研究,本调查报告全面概述了僵尸网络,从僵尸网络的起源到僵尸网络不断演变的策略,并评估了僵尸网络如何逃避检测以及如何应对僵尸网络的活动。调查的主要目的是让研究界了解僵尸网络不断变化的情况以及应对这些威胁所面临的挑战,通过强调规避和检测方法,为有效解决安全问题提供指导。调查报告最后提出了未来的研究方向,包括使用加密和隐蔽渠道进行检测,以及加强僵尸网络的策略。这旨在指导研究人员开发更强大的安全措施,有效打击僵尸网络。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
8.90
自引率
13.90%
发文量
249
期刊介绍: ransactions on Emerging Telecommunications Technologies (ETT), formerly known as European Transactions on Telecommunications (ETT), has the following aims: - to attract cutting-edge publications from leading researchers and research groups around the world - to become a highly cited source of timely research findings in emerging fields of telecommunications - to limit revision and publication cycles to a few months and thus significantly increase attractiveness to publish - to become the leading journal for publishing the latest developments in telecommunications
期刊最新文献
Secrecy Performance of Full-Duplex Space-Air-Ground Integrated Networks in the Presence of Active/Passive Eavesdropper, and Friendly Jammer Soft Actor-Critic Request Redirection for Quality Control in Green Multimedia Content Distribution Issue Information An IoT-Based 5G Wireless Sensor Network Employs a Secure Routing Methodology Leveraging DCNN Processing Research and Implementation of a Classification Method of Industrial Big Data for Security Management
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1