• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>IEEE International Conference on Data Science in Cyberspace >SLBot: A Serverless Botnet Based on Service Flux
【24h】

SLBot: A Serverless Botnet Based on Service Flux

机译:SLBot:基于服务流量的无服务器僵尸网络

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Today, botnet continue to be a significant threat to Internet, and is still responsible for most large scale cyber-attacks. An obvious strategy for preventing these activities is detecting Command-and-Control (C&C) servers of the botnet. Once C&C servers have been discovered, the botnet would face the risk of the whole structure's failure, and defenders can easily trace the owner. Recently years, attackers have begun to exploit social network websites (e.g., twitter.com) as their C&C infrastructures, which turns out to be quite stealthy but still can be detected through the application-centric approach, such as monitoring the behavior of particular usernames. In this paper, we assess the efficacy and feasibility of abusing multiple different public services to construct botnets, and propose a serverless C&C channel model using a novel strategy named Service Flux, which contains three subchannels: addressing channel (AC), command channel (CC), and upload channel (UC). We implement the model based botnet prototype named SLBot, and evaluate the resilience and efficiency of it.
机译:如今,僵尸网络仍然是对Internet的重大威胁,并且仍是造成大多数大规模网络攻击的原因。防止这些活动的一个明显策略是检测僵尸网络的命令和控制(C&C)服务器。一旦发现C&C服务器,僵尸网络将面临整个结构故障的风险,防御者可以轻松地追踪所有者。近年来,攻击者已开始利用社交网络网站(例如twitter.com)作为其C&C基础结构,事实证明这是非常隐秘的,但仍可以通过以应用程序为中心的方法(例如监视特定用户名的行为)进行检测。 。在本文中,我们评估了滥用多个不同的公共服务来构建僵尸网络的有效性和可行性,并提出了一种使用名为Service Flux的新颖策略的无服务器C&C渠道模型,该策略包含三个子渠道:寻址渠道(AC),命令渠道(CC) ),然后上传频道(UC)。我们实现了基于模型的僵尸网络原型SLBot,并评估了其弹性和效率。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号