Peer-reviewed article

Botnets: threats and responses

2011; Emerald Publishing Limited; Volume: 7; Issue: 1; Language: English

10.1108/17440081111125635

ISSN

1744-0092

Authors

Ok‐Ran Jeong, Chulyun Kim, Won Bae Kim, Jungmin So

Topic(s)

Advanced Malware Detection Techniques

Abstract

Purpose: A botnet is a network of computers on the internet infected with software robots (or bots). There are numerous botnets, and some of them control millions of computers. Cyber criminals use botnets to launch spam e‐mails and denial of service attacks; and commit click fraud and data theft. Governments use botnets for political purposes or to wage cyber warfare. The purpose of this paper is to review the botnet threats and the responses to the botnet threats.

Design/methodology/approach: The paper describes how botnets are created and operated. Then, the paper discusses botnets in terms of architecture, attacking behaviors, communication protocols, observable botnet activities, rally mechanisms, and evasion techniques. Finally, the paper reviews state‐of‐the‐art techniques for detecting and counteracting botnets, and also legal responses to botnet threats.

Findings: Botnets have become the platform for many online threats such as spam, denial of service attacks, phishing, data thefts, and online frauds. Security researchers must develop technology to detect and take down botnets, and governments must develop capacity to crack down on botmasters and botnets. Individual computer owners must diligently take measures to keep their computers from becoming members of botnets.

Originality/value: The paper provides a review of current status of botnets and a summary of up‐to‐date responses to botnets in both technical and legal aspects, which can be used as a stepping stone for further research.
