ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2016, Vol. 53 ›› Issue (10): 2189-2206.doi: 10.7544/issn1000-1239.2016.20160419

Special Issue: 2016网络空间共享安全研究进展专题

Previous Articles     Next Articles

Study of Botnets Trends

Li Ke1,2, Fang Binxing1,4, Cui Xiang1,2,3, Liu Qixu2,3   

  1. 1(Beijing University of Posts and Telecommunications, Beijing, 100876); 2(Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100097); 3(University of Chinese Academy of Sciences, Beijing, 101408); 4(Institute of Electronic and Information Engineering, Dongguan University of Electronic Science and Technology of China, Dongguan, Guangdong, 523808)
  • Online:2016-10-01

Abstract: Botnets, as one of the most effective platforms to launch cyber-attacks, pose great threats to the security of today’s cyber-space. Despite the fact that remarkable progress had been made in the researches of botnets’ both attack and defense technologies in recent years, the forms and command and control mechanisms of botnets, however, as Internet applications are put into a wider variety of uses and communication technologies upgraded more rapidly than ever, are also undergoing constant changes, bringing new challenges to defenders. For this reason, an in-depth investigation of botnets’ working mechanisms and development is of great significance to deal with the threats posed by botnets. This paper, with the attack technologies of botnets as its main focus, gives an comprehensive introduction of the working mechanisms of botnets in terms of its definition, transmission, lifecycle, malicious behaviors and command and control channels, and divides the botnets’ development into two stages, namely, attacks to traditional PC and extensive attacks, with the technological features, behavioral characteristics, case studies and evolutionary patterns of each stage elaborated in a detailed manner. After a summary of existing work on the defense of botnets with the limitations of each approach discussed, possible future attempts are presented.

Key words: botnet, command and control channel (C&C channel), countermeasure, value-added network attack, survey

CLC Number: