Kavisankar Leelasankar, C. Chellappan, P. Sivasankar
{"title":"僵尸网络攻击的成功计算机取证分析","authors":"Kavisankar Leelasankar, C. Chellappan, P. Sivasankar","doi":"10.4018/978-1-5225-4100-4.CH014","DOIUrl":null,"url":null,"abstract":"The success of computer forensics lies in the complete analysis of the evidence that is available. This is done by not only analyzing the evidence which is available but also searching for new concrete evidence. The evidence is obtained through the logs of the data during the cyberattack. When performing analysis of the cyberattack especially the botnet attacks, there are many challenges. First and the foremost is that it hides the identity of the mastermind, the botmaster. It issues the command to be executed using its subordinate, the command and control (C&C). The traceback of C&C itself is a complex task. Secondly, it victimizes the innocent compromised device zombies. This chapter discusses the analysis done in both proactive and reactive ways to resolve these challenges. The chapter ends by discussing the analysis to find the real mastermind to protect the innocent compromised system and to protect the victim system/organization affected by the botnet cyberattack.","PeriodicalId":417372,"journal":{"name":"Research Anthology on Combating Denial-of-Service Attacks","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Successful Computer Forensics Analysis on the Cyber Attack Botnet\",\"authors\":\"Kavisankar Leelasankar, C. Chellappan, P. Sivasankar\",\"doi\":\"10.4018/978-1-5225-4100-4.CH014\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The success of computer forensics lies in the complete analysis of the evidence that is available. This is done by not only analyzing the evidence which is available but also searching for new concrete evidence. The evidence is obtained through the logs of the data during the cyberattack. When performing analysis of the cyberattack especially the botnet attacks, there are many challenges. First and the foremost is that it hides the identity of the mastermind, the botmaster. It issues the command to be executed using its subordinate, the command and control (C&C). The traceback of C&C itself is a complex task. Secondly, it victimizes the innocent compromised device zombies. This chapter discusses the analysis done in both proactive and reactive ways to resolve these challenges. The chapter ends by discussing the analysis to find the real mastermind to protect the innocent compromised system and to protect the victim system/organization affected by the botnet cyberattack.\",\"PeriodicalId\":417372,\"journal\":{\"name\":\"Research Anthology on Combating Denial-of-Service Attacks\",\"volume\":\"32 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Research Anthology on Combating Denial-of-Service Attacks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/978-1-5225-4100-4.CH014\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Research Anthology on Combating Denial-of-Service Attacks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/978-1-5225-4100-4.CH014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Successful Computer Forensics Analysis on the Cyber Attack Botnet
The success of computer forensics lies in the complete analysis of the evidence that is available. This is done by not only analyzing the evidence which is available but also searching for new concrete evidence. The evidence is obtained through the logs of the data during the cyberattack. When performing analysis of the cyberattack especially the botnet attacks, there are many challenges. First and the foremost is that it hides the identity of the mastermind, the botmaster. It issues the command to be executed using its subordinate, the command and control (C&C). The traceback of C&C itself is a complex task. Secondly, it victimizes the innocent compromised device zombies. This chapter discusses the analysis done in both proactive and reactive ways to resolve these challenges. The chapter ends by discussing the analysis to find the real mastermind to protect the innocent compromised system and to protect the victim system/organization affected by the botnet cyberattack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
