Botnets: To what extent are they a threat to information security?
Claire Elliott
Information Security Technical Report, Volume 15, Issue 3, Pages 79-103. Published 2010-08-01. Journal article.
DOI: 10.1016/j.istr.2010.11.003
https://www.sciencedirect.com/science/article/pii/S136341271000049X
Citations: 25
Abstract
[Figure: Russian advertisement offering botnet services]
The purpose of this article is to examine to what extent botnets pose a threat to information security. In Chapter 1 the terms in the title are defined, and a comprehensive overview of botnets is provided in order to equip the reader with an understanding of the context for the remaining chapters. The motives for using botnets and the ways in which they are used are outlined. The methods of botnet attack are then analysed in terms of their potential impact on information security and a conclusion is drawn that botnets are indeed a threat to information security in general terms.
Chapter 2 then goes on to examine the extent of the threat from the three different perspectives of governments, corporates and the general public. The threats from each perspective and their impacts are identified, and each threat type for each perspective is then categorised in terms of probability and potential impact. The extent of the threat of each botnet-related attack from each perspective is then assessed using a model recommended by ISO/IEC 27005:2008, and the conclusion is drawn that the extent of the threat that botnets pose to governments, corporates and the general public is High.
In Chapter 3, we look at how law enforcement agencies investigate botnets and the criminals behind them, and establish the challenges they face in doing so. It is clear that law enforcement face an uphill struggle due to technical tricks employed by the botherders to remain untraceable, lack of resources with the necessary skillset, the legal complexity of working with multiple jurisdictions, and procedural delays working with foreign law enforcement agencies. The conclusion is drawn that botnets are here to stay and that for the time being the botherders will have the upper hand.