| We implement Tinybot, an instance of the P2P based Botnet, which communicate with its peers via P2P. The paper focuses on the distribution of commands, the collection of feedbacks as well as the counter detection and anti-hijacking mechanism of Botnets. By grafting the plots used by Trojans such as terminal control and firewall-cracking, the instance is capable to run in a highly reliable way. The paper discusses the defending against P2P based Botnets by analyzing and comparison, and predicts the development of the Botnets.The paper unveils the details of the command-and-control mechanisms of the P2P based Botnets by introducing the methods mounted by Tinybot, such as digital signature and verification to improve the robustness and security. After analyzing the codes of a large amount of Bot samples by means of reversing engineering and simulating, the paper summarize the command-and-control mechanisms of the Botnets. On the platform of the P2P simulation, following research has been included in this paper.1. Implement Tinybot to simulate the large scale P2P Botnets;2. Optimize the plots to counter hijacking against the P2P Botnets leading to an enhancement of its robustness;3. Study the means that will resist the P2P Botnets and analyzed the effectiveness for each to pave the way to seal the P2P Botnets. |
PDF Full Text Request