Cyber-resilience
Published in Stavros Shiaeles, Nicholas Kolokotronis, Internet of Things, Threats, Landscape, and Countermeasures, 2021
E. Bellini, G. Sargsyan, D. Kavallieros
There are already several examples of cyber-attacks that exploit Internet-connected domestic appliances, vehicles, or smart vocal assistants, in order to, e.g., perform Denial-of-Service (DoS) or Distributed DoS (DDoS) attacks of unprecedented scale; spy on people in their offices/homes; and take over (hijack) communication links, thus delivering full control of anything that is remotely controlled, such as drones, vehicles, and dams, to cyber-criminals. For instance, in the health sector, potentially deadly vulnerabilities have been found in a large number of medical devices, including insulin pumps, CT scanners, implantable defibrillators, and X-ray systems. By using multiple sources to attack a victim, the mastermind behind the attack is not only able to amplify the magnitude of the attack, but can better hide their actual source IP address [3]. Although the methods and motives behind DDoS attacks have changed, their fundamental goal, namely to deny legitimate users resources or services, has not [4]. As explained in [5], the realization of these attacks is enabled by Internet Robots (Bots), software designed to perform repetitive jobs and that needs to be installed on the target system. The Bot then establishes a Command and Control (C&C) channel through which it is updated and directed. How a Bot infects a system varies with user interaction (e.g., downloading a legitimate program that has been altered to contain malware), system misconfiguration, and system vulnerabilities and can be expressed in terms of probability [6, 7].
Exploring the Bitcoin Network
Published in Sandeep Kumar Panda, Ahmed A. Elngar, Valentina Emilia Balas, Mohammed Kayed, Bitcoin and Blockchain, 2020
A.R. Sathya, K. Varaprasada Rao
Botnets are a group of computers connected to a computer that performs a repetitive task. Illegitimate botnets are installed in systems without the operator’s knowledge to gain access to network resources and local files. Botnets can run any random program in computers. The botnets are linked to a botmaster via the Command and Control (C&C) channel. The botmaster uses this channel to send and collect information from the bots. Blockchain can be used as a C&C infrastructure by programming instructions through transaction script [9]. The aim of botnet is to make through phishing and sending spams. It is also used for DoS attacks. In 2010, a study was conducted on Miner Botnet to understand the approach of bots in blockchain systems. The worker bots would retrieve the graphic card information and initiate the mining software. The worker bots are connected to the proxy bots, whose role is to run the Bitcoin client software and bind to a randomly chosen mining pool. This approach is called “proxied pool mining.” There are approaches where bots are directly connected without proxies. The disadvantage of direct pool mining is that the bots are easy to detect in the mining pools, as they are large in number, share the same account, and have smaller hash rates. Another approach is dark pooled mining, in which the bots have their own mining pool and workers are connected to it.
Extended Paradigms for Botnets with WoT Applications: A Review
Published in Aarti Jain, Rubén González Crespo, Manju Khari, Smart Innovation of Web of Things, 2020
Manju Khari, Renu Dalal, Pratibha Rohilla
For clear knowledge of how a botnet runs, its basic elements should be understood first. However, there are botnets which follow different structures in order to avoid detection [1,7], as shown in Figure 6.1. A bot is malware installed in an unguarded host which is responsible for performing a series of malicious tasks. Installation of this malware can be done through numerous processes, like contaminated websites. These are particularly implemented in such a way that whenever the victim starts their internet-connected machines, only then does the bot initiate its processing. Using a secure command-and-control (C&C) channel, the botmaster sends commands. The main point to note is that bots are not system or application weaknesses, but malware that is spread by contaminated websites, and so on. A botnet is a network of compromised machines called bots and an owner who controls the bots through the command-and-control server to execute malicious activities. Botmasters publish commands to the bots to execute unlawful tasks.
Malware detection for IoT devices using hybrid system of whitelist and machine learning based on lightweight flow data
Published in Enterprise Information Systems, 2023
Masataka Nakahara, Norihiro Okui, Yasuaki Kobayashi, Yutaka Miyake, Ayumu Kubota
IoT devices infected with malware communicate with Command and Control (C&C) servers to carry out infection spreading activities, DoS, and other attacks. Therefore, it is important to discover the communication with the C&C server before the attack. Infection spreading activities and DoS attacks are relatively easy to detect because they have easy-to-understand characteristics such as a rapid increase in the number of packets, but communication with the C&C server is difficult to distinguish from the original behaviour of the IoT device. Also, some DoS attacks and host scans are more sophisticated than others. For example, they are conducted with shorter attack periods. For these reasons, many methods for detecting anomalies through machine learning and deep learning using various features obtained from the state of IoT devices and packets are being considered.
Stochastic model predictive control-based countermeasure methodology for satellites against indirect kinetic cyber-attacks
Published in International Journal of Control, 2023
M. Amin Alandihallaj, Nima Assadian, Khashayar Khorasani
A successful cyber-attack on a satellite can make the satellite disabled, disrupted, damaged, or hijacked to transmit false information to the command and control (C&C) centers. Cyber-attacks that do not cause physical impacts to space are not known as major universal space threats (Kallberg, 2012). One of the most common types of cyber-attacks is the Global Positioning System (GPS) digital spoofing, by which a malicious hacker intercepts transmitted data to introduce false information. Satellites are traditionally equipped with Global Navigation Satellite System (GNSS) and Inertial Measurement Unit (IMU) sensors that are highly vulnerable to spoofing malicious cyber-attacks. In fact, the malicious hacker injects the GPS receiver with false data so that the Attitude and Orbit Determination and Control (AODC) subsystem of the satellite computes its location somewhere else in space and time. Consequently, the probable collision between the satellite and another strategic object could not be adequately predicted, and the collision risks may increase dramatically in case the spoofed GPS signals are treated and considered as reliable.
Model predictive and non-cooperative dynamic game fault recovery control strategies for a network of unmanned underwater vehicles
Published in International Journal of Control, 2019
Sahar Sedaghati, Farzaneh Abdollahi, Khashayar Khorasani
In this structure, the control actions are determined based on all the available information and objectives of the team. From the implementation perspective, the entire team information is collected and processed by a central command and control (C2) unit, and then the designed control signals are sent back to be implemented by each individual agent. Although this strategy can achieve a globally optimal solution, it suffers from the significant problems of computational complexity, stringent communication requirements, and the risk of failure in the central C2 unit. The centralised control structure is formulated below.