揭开僵尸网络的面纱:关于不断演变的威胁和防御策略的全面调查

IF 2.5 4区 计算机科学 Q3 TELECOMMUNICATIONS
Mehdi Asadi, Mohammad Ali Jabraeil Jamali, Arash Heidari, Nima Jafari Navimipour
{"title":"揭开僵尸网络的面纱:关于不断演变的威胁和防御策略的全面调查","authors":"Mehdi Asadi,&nbsp;Mohammad Ali Jabraeil Jamali,&nbsp;Arash Heidari,&nbsp;Nima Jafari Navimipour","doi":"10.1002/ett.5056","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Botnets have emerged as a significant internet security threat, comprising networks of compromised computers under the control of command and control (C&amp;C) servers. These malevolent entities enable a range of malicious activities, from denial of service (DoS) attacks to spam distribution and phishing. Each bot operates as a malicious binary code on vulnerable hosts, granting remote control to attackers who can harness the combined processing power of these compromised hosts for synchronized, highly destructive attacks while maintaining anonymity. This survey explores botnets and their evolution, covering aspects such as their life cycles, C&amp;C models, botnet communication protocols, detection methods, the unique environments botnets operate in, and strategies to evade detection tools. It analyzes research challenges and future directions related to botnets, with a particular focus on evasion and detection techniques, including methods like encryption and the use of covert channels for detection and the reinforcement of botnets. By reviewing existing research, the survey provides a comprehensive overview of botnets, from their origins to their evolving tactics, and evaluates how botnets evade detection and how to counteract their activities. Its primary goal is to inform the research community about the changing landscape of botnets and the challenges in combating these threats, offering guidance on addressing security concerns effectively through the highlighting of evasion and detection methods. The survey concludes by presenting future research directions, including using encryption and covert channels for detection and strategies to strengthen botnets. This aims to guide researchers in developing more robust security measures to combat botnets effectively.</p>\n </div>","PeriodicalId":23282,"journal":{"name":"Transactions on Emerging Telecommunications Technologies","volume":"35 11","pages":""},"PeriodicalIF":2.5000,"publicationDate":"2024-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Botnets Unveiled: A Comprehensive Survey on Evolving Threats and Defense Strategies\",\"authors\":\"Mehdi Asadi,&nbsp;Mohammad Ali Jabraeil Jamali,&nbsp;Arash Heidari,&nbsp;Nima Jafari Navimipour\",\"doi\":\"10.1002/ett.5056\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n \\n <p>Botnets have emerged as a significant internet security threat, comprising networks of compromised computers under the control of command and control (C&amp;C) servers. These malevolent entities enable a range of malicious activities, from denial of service (DoS) attacks to spam distribution and phishing. Each bot operates as a malicious binary code on vulnerable hosts, granting remote control to attackers who can harness the combined processing power of these compromised hosts for synchronized, highly destructive attacks while maintaining anonymity. This survey explores botnets and their evolution, covering aspects such as their life cycles, C&amp;C models, botnet communication protocols, detection methods, the unique environments botnets operate in, and strategies to evade detection tools. It analyzes research challenges and future directions related to botnets, with a particular focus on evasion and detection techniques, including methods like encryption and the use of covert channels for detection and the reinforcement of botnets. By reviewing existing research, the survey provides a comprehensive overview of botnets, from their origins to their evolving tactics, and evaluates how botnets evade detection and how to counteract their activities. Its primary goal is to inform the research community about the changing landscape of botnets and the challenges in combating these threats, offering guidance on addressing security concerns effectively through the highlighting of evasion and detection methods. The survey concludes by presenting future research directions, including using encryption and covert channels for detection and strategies to strengthen botnets. This aims to guide researchers in developing more robust security measures to combat botnets effectively.</p>\\n </div>\",\"PeriodicalId\":23282,\"journal\":{\"name\":\"Transactions on Emerging Telecommunications Technologies\",\"volume\":\"35 11\",\"pages\":\"\"},\"PeriodicalIF\":2.5000,\"publicationDate\":\"2024-10-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Transactions on Emerging Telecommunications Technologies\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/ett.5056\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"TELECOMMUNICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Transactions on Emerging Telecommunications Technologies","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/ett.5056","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
引用次数: 0

摘要

僵尸网络已成为一种重大的互联网安全威胁,它由指挥与控制(C&C)服务器控制下的被入侵计算机网络组成。这些恶意实体可以实施一系列恶意活动,从拒绝服务(DoS)攻击到垃圾邮件分发和网络钓鱼。每个僵尸在易受攻击的主机上作为恶意二进制代码运行,向攻击者授予远程控制权,攻击者可以利用这些受攻击主机的综合处理能力,在保持匿名的情况下进行同步的高破坏性攻击。本调查探讨了僵尸网络及其演变,涉及僵尸网络的生命周期、C&C 模型、僵尸网络通信协议、检测方法、僵尸网络运行的独特环境以及躲避检测工具的策略等方面。它分析了与僵尸网络有关的研究挑战和未来方向,特别关注规避和检测技术,包括加密和使用隐蔽渠道进行检测和强化僵尸网络等方法。通过回顾现有研究,本调查报告全面概述了僵尸网络,从僵尸网络的起源到僵尸网络不断演变的策略,并评估了僵尸网络如何逃避检测以及如何应对僵尸网络的活动。调查的主要目的是让研究界了解僵尸网络不断变化的情况以及应对这些威胁所面临的挑战,通过强调规避和检测方法,为有效解决安全问题提供指导。调查报告最后提出了未来的研究方向,包括使用加密和隐蔽渠道进行检测,以及加强僵尸网络的策略。这旨在指导研究人员开发更强大的安全措施,有效打击僵尸网络。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Botnets Unveiled: A Comprehensive Survey on Evolving Threats and Defense Strategies

Botnets have emerged as a significant internet security threat, comprising networks of compromised computers under the control of command and control (C&C) servers. These malevolent entities enable a range of malicious activities, from denial of service (DoS) attacks to spam distribution and phishing. Each bot operates as a malicious binary code on vulnerable hosts, granting remote control to attackers who can harness the combined processing power of these compromised hosts for synchronized, highly destructive attacks while maintaining anonymity. This survey explores botnets and their evolution, covering aspects such as their life cycles, C&C models, botnet communication protocols, detection methods, the unique environments botnets operate in, and strategies to evade detection tools. It analyzes research challenges and future directions related to botnets, with a particular focus on evasion and detection techniques, including methods like encryption and the use of covert channels for detection and the reinforcement of botnets. By reviewing existing research, the survey provides a comprehensive overview of botnets, from their origins to their evolving tactics, and evaluates how botnets evade detection and how to counteract their activities. Its primary goal is to inform the research community about the changing landscape of botnets and the challenges in combating these threats, offering guidance on addressing security concerns effectively through the highlighting of evasion and detection methods. The survey concludes by presenting future research directions, including using encryption and covert channels for detection and strategies to strengthen botnets. This aims to guide researchers in developing more robust security measures to combat botnets effectively.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
8.90
自引率
13.90%
发文量
249
期刊介绍: ransactions on Emerging Telecommunications Technologies (ETT), formerly known as European Transactions on Telecommunications (ETT), has the following aims: - to attract cutting-edge publications from leading researchers and research groups around the world - to become a highly cited source of timely research findings in emerging fields of telecommunications - to limit revision and publication cycles to a few months and thus significantly increase attractiveness to publish - to become the leading journal for publishing the latest developments in telecommunications
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信