A parallel cyber universe: Botnet implementations over TOR-like networks

dc.contributor.author Hüseyin Yaǧci
dc.contributor.author Cagatay Yucel
dc.contributor.author Ahmet Hasan Koltuksuz
dc.contributor.author Yüce, Çaǧatay
dc.contributor.author Yaǧci, Hüseyin
dc.contributor.author Koltuksuz, Ahmet
dc.contributor.editor M. Scanlon, N.-A. Le-Khac
dc.date.accessioned 2025-10-06T17:52:01Z
dc.date.issued 2017
dc.description.abstract The first bot implemented in the history of computers was the Eggdrop (Fisher J 1998). The first instance of this kind was benign; it was an automated management tool for Internet Relay Chat (IRC) rooms. It wasn't much later that Internet users experienced the first botnet attack. The GTbot family was the first known malicious automated attack network on IRCs (Bächer et al. 2009), and a new era for bots had begun. Botnets can be practically defined as a network of infected smart devices. As a result of infiltration attacks made on a victim's computer with different malware and zero-day attacks, control of the computer is confiscated without the victim being aware of it. Confiscated machines are connected to Command and Control (C&C) centers. In the case of a single infection, this attack is nothing more than data theft or privilege escalation. However, when the number of infected devices scales up to thousands, the attack becomes a mass destruction weapon on global companies' networks. Amazon, Spotify, Twitter and many more companies were affected by DDoS attacks by the Mirai botnet in October 2016 (Allison Nixon, John Costello 2016). The Mirai botnet attack was conducted by a malicious network utilizing IoT devices. Moreover, an even worse fact was the announcement of more similar botnet attacks after that October (Paganini 2016; Anon 2016). Today, honeypot-based, signature-based and host-based defenses, as well as active and passive monitoring techniques, are being developed against botnets (Silva et al. 2013). Botnets are fighting back for their existence by using binary obfuscation, fast-flux networks, domain generation algorithm (DGA) techniques and polymorphism, as well as ciphering, IP spoofing, multi-hopping and email spoofing (Rodríguez-Gómez et al. 2013; Wang et al. 2016).
Another important technique for botnets is to utilize The Onion Routing (TOR) networks, where the communication scheme of the bot network is anonymized in the layers of the TOR scheme. The name of this network comes from a reference to the multi-layered structure of an onion. This research presents a novel implementation of a hidden botnet mechanism over networks like The Onion Routing (TOR) ones. The focus is on creating parallel cyber universes with TOR-like structures and hiding the existence of the botnets in the blind range of the Internet. The design of such a network and the attack vector is explained in detail for the first time in the literature. © 2023 Elsevier B.V. All rights reserved.
dc.identifier.isbn 9781912764617, 9781914587405, 9781627489089, 9781910810286, 9781912764280, 9781914587702, 9781910309247, 9781911218852, 9781910810934, 9781911218432
dc.identifier.issn 20488602, 20488610
dc.identifier.issn 2048-8602
dc.identifier.scopus 2-s2.0-85027978799
dc.identifier.uri https://www.scopus.com/inward/record.uri?eid=2-s2.0-85027978799&partnerID=40&md5=b83271df11862479fbe3616de4d86317
dc.identifier.uri https://gcris.yasar.edu.tr/handle/123456789/9724
dc.language.iso English
dc.publisher Curran Associates Inc.
dc.relation.ispartof 16th European Conference on Cyber Warfare and Security ECCWS 2017
dc.rights info:eu-repo/semantics/closedAccess
dc.source European Conference on Information Warfare and Security ECCWS
dc.subject Anonymity, Botnet, Cyber Security, Cyber Warfare, Network, Tor, Automation, Botnet, Data Obfuscation, Denial-of-service Attack, Malware, Relay Control Systems, Zero-day Attack, Anonymity, Automated Management, Botnets, Cyber Security, Cyber Warfare, Internet Relay Chat, Management Tool, Network, Onion Routing, The Onion Routing, Cybersecurity
dc.subject Anonymity
dc.subject Botnet
dc.subject Cyber Security
dc.subject Cyber Warfare
dc.subject TOR
dc.subject Network
dc.title A parallel cyber universe: Botnet implementations over TOR-like networks
dc.type Conference Object
dspace.entity.type Publication
gdc.author.scopusid 57203115619
gdc.author.scopusid 56285502500
gdc.author.scopusid 13408802300
gdc.coar.type text::conference output
gdc.description.department
gdc.description.departmenttemp [Yaǧci H.] Department of Computer Engineering, Yaşar University, Turkey; [Yüce Ç.] Department of Computer Engineering, Yaşar University, Turkey; [Koltuksuz A.] Department of Computer Engineering, Yaşar University, Turkey
gdc.description.endpage 543
gdc.description.publicationcategory Conference Item - International - Institutional Faculty Member
gdc.description.startpage 537
gdc.description.volume 0
gdc.index.type Scopus
gdc.scopus.citedcount 0
gdc.virtual.author Yağci, Hüseyin
gdc.virtual.author Yücel, Çağatay
gdc.virtual.author Koltuksuz, Ahmet Hasan
oaire.citation.endPage 543
oaire.citation.startPage 537
person.identifier.scopus-author-id Yaǧci- Hüseyin (57203115619), Yucel- Cagatay (56285502500), Koltuksuz- Ahmet Hasan (13408802300)
publicationvolume.volumeNumber 0
relation.isAuthorOfPublication 4e270ae4-4b68-4b21-bd15-a2368d3d45db
relation.isAuthorOfPublication 516a87df-891f-458d-994e-b459294fda36
relation.isAuthorOfPublication 0a146451-eb5a-43c9-bfca-979da9ee51d7
relation.isAuthorOfPublication.latestForDiscovery 4e270ae4-4b68-4b21-bd15-a2368d3d45db
relation.isOrgUnitOfPublication ac5ddece-c76d-476d-ab30-e4d3029dee37
relation.isOrgUnitOfPublication.latestForDiscovery ac5ddece-c76d-476d-ab30-e4d3029dee37