Cybersecurity: Bots, Botnets and Botmasters

Background

Courtesy of http://en.wikipedia.org/wiki/Botnet

The term bot is short for robot. An attacker can distribute malicious software (also known as malware) that can turn your computer into a bot (also known as a zombie). An attacker typically infects a large number of computers, which form a network called a botnet. Attackers use botnets to send out spam email messages, spread viruses, trigger a Distributed Denial of Service (DDoS) attack to take down a website for money or ideology, or disable the communication infrastructure of an organization or even a country, among other malicious activities.

What to Do

Your task is to watch four short videos explaining the basics of creating and operating a successful botnet, then write a short report (one to two pages) describing the botnet architecture and how it works.

Links to botnet videos:

  1. Botnets Part I (15 mins)
  2. Botnets Part II (13 mins)
  3. Botnets Part III (13 mins)  
  4. RxBot Source Code explained (14 mins)

You will likely encounter technical terms you are unfamiliar with. Look them up to make sure you understand them and use them in the right context in your report. Here are a few guidelines for your report:

  1. Define the terms bot, botnet and botmaster.
  2. List a few malicious activities typically carried out by botnets.
  3. Briefly explain how Internet Relay Chat (IRC) works.
  4. What is a Command and Control (C&C) server?
  5. How do bots communicate with the C&C server?
  6. How does the botmaster issue commands to the bots?
  7. What was the most surprising thing you learned?
  8. What was the most difficult concept for you?

Evaluation

Your report should convince us that you understand how a botnet operates. It need not address how a bot exploits vulnerabilities in programs running on a victim machine to infect it in the first place (we will be looking at this later). The report should be accessible to a broad audience (meaning that it must define the technical terms used).

Submission

Email your instructor a PDF file containing your report by the due date of this assignment.