Figure 3 - uploaded by Anchit Bijalwan
Most DDoS attack originated Country 

Source publication
Article
Unethical hacking of sites, probing, click fraud, phishing, denial of service attacks and many such malicious practices affect organizational integrity and sovereignty. Such activities are direct attacks on the safety, security and confidentiality of the organization. These activities put organizational privacy at stake. Botnet forensic is ut...

Contexts in source publication

Context 1
... the general malware threat shows steady growth, rising rapidly from 84 million in 2012 to 128 million in 2013. New malware increased from 2 million in 2010 to 15 million in 2013. According to McAfee Global Threat Intelligence, SQL injection attacks are highest in the US, followed by Taiwan, Spain, Venezuela, Germany, Brazil and others. According to the security research company Symantec, the top botnet victims are China and the US. A 2016 survey shows that the US regained the largest share, 23%, among all countries hosting the most malicious activity. South Korea dropped from first place to fourth in the phishing website ranking, and China still holds second place with a 9% share of malicious computer activity [1]. Figure 1 shows the list of countries on the X-axis and the ranking with percentage on the Y-axis. This figure includes the malicious activity in percentage, the rank of different countries for spam zombie attacks, their bot rank, their phishing website rank and their attack origin rank. Considered separately, ransomware attacks hit India most, followed by Russia, Kazakhstan, Italy, Germany, Vietnam, Algeria, Brazil, Ukraine and the US [2], as shown in Figure 2. This figure shows the list of countries on the X-axis and their ranking on the Y-axis. The country originating the most distributed denial of service (DDoS) attacks in the world is China, followed by the US, UK, France, Korea, Singapore, Japan, Vietnam and Germany. Figure 3 shows the countries originating the most DDoS attacks in the world [2]. This figure shows the list of countries on the X-axis and the percentage of distributed denial of service attacks on the Y-axis. Botnet forensics deals with post-mortem activities on botnet attacks and their associated vulnerabilities. Botnets are used for illegal activities such as sending spam, different unwanted emails (Trojan, phishing, spyware, adware, fast flux etc.), media, software, stealing information or computing resources, click fraud, denial of service attacks etc.
A botnet is a collection of compromised computers. When a computer is compromised by an attacker, there is often code within the malware (a computer program made to harm the system) that commands it to become part of a botnet. Botnets are the most dangerous issue for cyber security, as they provide distributed dependencies for many activities. A botmaster or botherder controls these malicious botnet networks. An IRC (Internet Relay Chat) network is specially used by the attacker for managing and controlling the infected hosts, because IRC is the most easily available network or server. The term bot comes from the word robot; a bot works as a predefined function or through a software program. It can be directed through a command and control channel. Botnets are run by a malicious programmer known as the botherder or botmaster. The botherder sends the infection or viruses, whose payload is a malicious application, to the vulnerable user's computer. It connects through a command and control server. Spammers purchase services from the botmaster, and the botmaster itself issues the updated ...
Network Protocols and Algorithms, ISSN 1943-3581, 2018


Citations

... The database systems involved also can't maintain and preserve the integrity, originality and confidentiality of the collected evidence as well as the related chain of custody of various events that occurred in a specific sequence while collecting, transferring, storing, analyzing and interpreting the evidence to solve a cybercrime incident [11], [5]. While on the other hand cybercriminals instigate malicious activities through multimedia and network devices such as business credential leakages, information theft and unauthorized access [12]. This allows hackers and other intruders to forge and tamper with the collected evidence. ...
Article
Due to globalization and worldwide connectivity, multimedia data exchange has increased significantly over the Internet in the last decade. The life cycle of multimedia content is also getting more multifaceted as more people are accessing, sharing, modifying and re-using multimedia information. This poses serious challenges for the multimedia industry to provide integrity, reliability and trustworthiness for multimedia investigations against the growing cybersecurity threats. This paper bridges this gap by enabling a secure and transparent digital forensic investigations process using blockchain technology. MF-Ledger a Blockchain Hyperledger sawtooth-enabled novel, secure and efficient digital forensic investigation architecture is proposed where participating stakeholders create a private network to exchange and agree on different investigation activities before being stored on the blockchain ledger. We have created digital contracts (smart contracts) and implemented them using sequence diagrams to handle the stakeholders’ secure interaction in the investigation process. The proposed architectural solution delivers robust information integrity, prevention, and preservation mechanism to permanently and immutably store the evidence (chain of custody) in a private permissioned encrypted blockchain ledger.
... A Botnet performs controlled functions commanded by the controller. [1] Botnet detection is a serious issue in digital forensics. Now machine learning algorithms are used to detect Botnet activities. ...
... A bot is a malicious program that acts upon botherder's command. Botherder executes this bot illegally further for the self-interest, which is called bot attack [1]. Bot attack is difficult to handle as botnet rapidly germinates in order to get off the detection process. ...
... Next build E X with n classifier {E X(1), E X(2), ... ...
Article
Botnet forensic analysis helps in understanding the nature of attacks and the modus operandi used by the attackers. Botnet attacks are difficult to trace because of their rapid pace, epidemic nature, and smaller size. Machine learning works as a panacea for botnet attack related issues. It not only facilitates detection but also helps in prevention from bot attack. The proposed inquisition model endeavors improved quality of results by comprehensive botnet detection and forensic analysis. This scenario has been applied in eight different combinations of ensemble classifier technique to detect botnet evidence. The study is also compared to the ensemble-based classifiers with the single classifier using different parameters. The results exhibit that the proposed model can improve accuracy over a single classifier.
... There are various research challenges in botnets detection focusing on aspects such as real-time detection of attack type, deep analysis of network traffic, improvement of detection accuracy, improvement of machine learning techniques, behavior analysis-based techniques, botnet detection frameworks, fast-flux techniques for anomalous communications and many others [7,8]. ...
Article
At present, Internet users are facing the most serious threats, as malware has become a powerful tool for attackers. Botnets are one of the most significant kinds of malware. A bot is an intelligent program run by worms, Trojans or other malicious code that could perform a group of cyber-attacks on the Internet. Botnets are used for attacks such as stealing data, spam, denial-of-service, phishing etc. A variety of methods and algorithms have been proposed to detect botnets, each of which has an emphasis on specific data or methods. Using Netflow data is an effective and agile method compared to other methods of detecting botnets. This research focuses on centralized and HTTP botnets. In the proposed method, we used hierarchical clustering, X-Means clustering, and rule-based classification. The methods helped to achieve fast and accurate recognition. Hierarchical clustering improved the speed and accuracy rate in the process of separating the flows. The X-Means algorithm led to the highest cohesion inside the clusters and the maximum distance between clusters by choosing the optimal K. Using rule-based classification, each cluster with similar flows is placed in a bot cluster, a semi-bot cluster or a normal cluster. By performing network traffic flow analysis for the proposed method, sets of botnets have been evaluated and the results indicated more than 95% accuracy in detection. With minimal overhead, this approach can provide botnet detection with high accuracy and speed.