
Article

Peer-to-Peer Botnets

Информационные технологии (Information Technologies). 2017. Vol. 23. No. 4. P. 290-299.
S. M. Avdoshin, A. V. Lazarenko

Huge computer networks composed of infected machines, so-called botnets, are currently one of the most dangerous threats to global society. Botnets are a brilliant tool for organizing distributed denial-of-service attacks, sending spam and phishing email, and stealing sensitive information and money from various accounts. Hackers create botnets from any kind of electronic device connected to the Internet. The most widely used devices are personal computers running the Windows operating system, smartphones running Android OS, and IoT devices with public IP addresses and open vulnerabilities (IPTV cameras, for example). There are many options for hiring a botnet on the darknet: it is possible to hire a botnet, buy a builder kit, or obtain any other service in a hacker-to-hacker manner. The easiest way to build a botnet is to create a central server that distributes commands and clients (bots) that connect to this server. Such botnets are called traditional botnets. Traditional botnets with a centralized command-and-control mechanism are vulnerable to a wide range of attacks. For example, if one particular bot is captured by a security analyst, the IP address of the command-and-control server will be compromised with very high probability. Without its central command-and-control server a botnet is useless, because the malefactor is unable to spread commands over the infected network. To make botnets more robust and stable, the peer-to-peer botnet architecture was introduced. P2P architectures can be divided into three main categories: pure, moderated and hybrid. The aim of this paper is to cover peer-to-peer botnets and their architecture.