| In recent years, Computer Technology and Network Communication Technologyhave been greatly developed. Through Internet, it is convenient to share and access torelevant information quickly, widely and accurately. The Internet has brought greatconvenience to people’s life in working, living and learning, etc. However, with thethreat of terrorism from the Internet increasing, network attacks such as viruses, Trojans,worms, distributed denial of service attacks appear endless, and the means of attackbecome richer and the techniques of attack become more sophisticated. Networksecurity threats has caused worldwide concern, countries are actively takecounter-measures. In these threats, botnet is one of the most serious threats.Botnet refers to the attacker uses a variety of malicious means (such as spam,malware, software vulnerabilities, etc.) to spread the bot to control a large number ofcomputers, and to establish a one-to-many relationship control netwrok betweenbotmaster and the infected computers. Now, the botnet is an important tool for hackersto launch Internet attacks, and it has been a serious threat to the entire Internet. In orderto respond to the botnet attacks mush sensitive, to analyze the development trend of thebotnet overview, to further study the spread and control mechanism, and to design acontrolled botnet simulation platform has a good theoretical and practical significance.Firstly, through the study of typical botnets, this paper reveals that based on thesupernodes P2P (Peer to Peer) protocol botnet is the development direction of the futurebotnet; Through study the working mechanism of typical botnets from the sourcecodelevel and analyze the spread and control model of the current botnets, This paperproposes the model of controlled botnet; And then, we design and implement the "basedon supernodes P2P protocol controlled botnet simulation platform"; In the Commandand Control mechanism, the two existing feekback mechanisms, which are based on thesource path and the DHT(Distributed Hash Table) feedback mechanisms, are still havedefects. This paper presents a more practical feedback mechanism based oncommunication nodes. Through the establishment of this simulation platform, weunderstand the working mechanism of the supernodes P2P protocol botnet. The simulation platform has laid a solid foundation for better responding to this type ofbotnet attacks in the future, and designing and implementing of the detection system forthis type of botnet.Secondly, by experiment and simulation, it is illuminated that the supernodes P2Pprotocol botnet is robust. Comparing with previous working, the new proposed botnet ismuch robust, and the against difficulty increases a lot. Finally, through study theworking mechanism of supernodes P2P protocol botnet. This paper proposes two typesof recommendations to prevent this botnets: One is the confrontation with the ServentBots, through a variety of ways to eliminate as many servent bots as possible; The otheris to take full advantage of the characteristics of the honeypot, through the honeypottechnology to slowly find as many zombie hosts as possible, and destroy the entirebotnet in the last. |
PDF Full Text Request