Botnet-Based Attacks and Defence Mechanisms

Abstract

This chapter considers the threat posed by botnets and the impact of botnet-based attacks on both private domains and the global digital infrastructure. Botnets are widely employed by cyber-criminals for a variety of malicious activities and are frequently observed as a component within large-scale organised cyber-crime campaigns. In addition to this, botnets are a varied and evolving threat, bound to grow in parallel with our increasing dependence on digital services and the Internet, as well as the adoption of upcoming technologies like the Internet-of-Things. Botnets can be considered as attacks in-and-of themselves, as well as platforms for future attacks. With this as the foundational perspective, this study examines how a botnet is defined and classified, how it is built and used, the characteristics of a botnet attack, and the factors contributing towards its success. We then analyse how a botnet provides other attack capabilities for the cyber-criminal. This is supplemented with a discussion of how the threat is adapting to new technologies, followed by a short survey of some outstanding problems to be considered in future research.