ABSTRACT

Botnet is a network of compromised computers (bots) running malicious software, usually installed via all kinds of attacking techniques such as trojan horses, worms and viruses. These zombie computers are remotely controlled by an attacker (botmaster). Botnets with a large number of computers have enormous cumulative bandwidth and computing capability.They are exploited by botmasters for initiating various malicious activities, such as email spam, distributed denial-ofservice attacks, password cracking and key logging.Botnets have become one of the most significant threats to the Internet[1]. Over time, botnets have evolved toward usingdecentralized peer-to-peer (P2P) command and control(C&C) infrastructures in order to increase their resilience against defender countermeasures, i.e. as seen in Storms use of Overnet and more recently in the appearance of HTTP-tunneled P2P botnets, such as Waledac and Conficker.Botnets have evolved into effective base infrastructures for cybercrime[3]. They provide the low-cost large-scale army of compromised machines required to engage in large-scale spam and phishing campaigns, to harvest at-scale users private information, e.g. credit card numbers, bank account access information, etc., and complex networks in which cyber-criminals can hide their tracks. Between 85 to 95 percent of spams originated from botnets , with spamming being highly profitable to cybercriminals[2]. The attackers obtain the illegal benefits by commanding the Bots to send Spammails, get information such as license keys or banking data on compromised machines, or launch distributed denial-of-service attacks against arbitrary targets[1]. Recent developments show that botnets are not only harmful to companies and consumers but are also involved in politically motivated activities[1].

Keywords :(P2P) :- Peer-to-peer, (C&C) :- Command and control.

iv