A botnet-based architecture for applications aimed at evaluating information security aspects

  • Matheus Santos UFRJ
  • Davidson Boccardo UFRJ
  • Raphael Machado UFRJ
  • Bruno Guimarães UFRJ
  • Rafael Soares UFRJ

Abstract


The rapid growth of the Internet of Things is proportionally linked to information security problems in the data that travels across the World Wide Web, which reinforces the importance of this subject more every day. In information security, three pillars guarantee the protection of information: integrity, confidentiality and availability. Guaranteeing these three pillars is not trivial, but it is important for various sectors such as industry, services and the economy. In this article, we present a distributed architecture, based on the botnet concept, that is able to assess these three pillars; we describe its main features and functionalities, aimed at solving problems in cyber security; and we present a case study, in the form of Denial of Service tests, that uses the proposed architecture to characterize the network resistance and the anti-DDoS systems employed by Brazilian e-commerce companies.

Published
2015-07-20
SANTOS, Matheus; BOCCARDO, Davidson; MACHADO, Raphael; GUIMARÃES, Bruno; SOARES, Rafael. Uma arquitetura baseada em botnet para aplicações voltadas a avaliação de aspectos de segurança da informação. In: INTEGRATED SOFTWARE AND HARDWARE SEMINAR (SEMISH), 42., 2015, Recife. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2015. p. 59-70. ISSN 2595-6205. DOI: https://doi.org/10.5753/semish.2015.10199.