Abstract
We focus on the problem of botnet orchestration and discuss how attackers can leverage decentralised technologies to dynamically control botnets with the goal of having botnets that are resilient against hostile takeovers. We cover critical elements of the Bitcoin blockchain and its usage for ‘floating command and control servers’. We further discuss how blockchain-based botnets can be built and include a detailed discussion of our implementation. We also showcase how specific Bitcoin APIs can be used in order to write extraneous data to the blockchain. Finally, while in this paper, we use Bitcoin to build our resilient botnet proof of concept, the threat is not limited to Bitcoin blockchain and can be generalized.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ahmed, Z., Danish, S.M., Qureshi, H.K., Lestas, M.: Protecting IoTs from Mirai Botnet attacks using blockchains. In: 2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), pp. 1–6. IEEE (2019)
Bistarelli, S., Mercanti, I., Santini, F.: An analysis of non-standard bitcoin transactions. In: 2018 Crypto Valley Conference on Blockchain Technology (CVCBT), pp. 93–96. IEEE (2018)
Kaminsky, D.: Black ops of TCP/IP (2011)
Kambourakis, G., Anagnostopoulos, M., Meng, W., Zhou, P.: Botnets: Architectures, Countermeasures, and Challenges. CRC Press, Boca Raton (2019)
Ogu, E.C., Ojesanmi, O.A., Awodele, O., et al.: A Botnets circumspection: the current threat landscape, and what we know so far. Information 10(11), 337 (2019)
Sagirlar, G., Carminati, B., Ferrari, E.: AutoBotCatcher: blockchain-based P2P botnet detection for the internet of things. In: 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC), pp. 1–8. IEEE (2018)
Singh, M., Singh, M., Kaur, S.: Issues and challenges in DNS based botnet detection: a survey. Comput. Secur. 86, 28–52 (2019)
Stone-Gross, B., Cova, M., Cavallaro, L., Gilbert, B., Szydlowski, M., Kemmerer, R., Kruegel, C., Vigna, G.: Your Botnet is my Botnet: analysis of a botnet takeover. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 635–647 (2009)
Trend Micro: Glupteba Campaign Hits Network Routers and Updates C&C Servers with Data from Bitcoin Transactions. Accessed 01 Feb 2020
Zohar, O.: Unblockable Chains – a POC on using blockchain as infrastructure for malware operations. Accessed 01 Feb 2020
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
A Payload and Listener
B Calc.exe Launched from Meterpreter
C Dynamic Transport Connection
D Simple Block Explorer
E Full Node Block Explorer
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Kamenski, D., Shaghaghi, A., Warren, M., Kanhere, S.S. (2021). Attacking with Bitcoin: Using Bitcoin to Build Resilient Botnet Armies. In: Herrero, Á., Cambra, C., Urda, D., Sedano, J., Quintián, H., Corchado, E. (eds) 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020). CISIS 2019. Advances in Intelligent Systems and Computing, vol 1267. Springer, Cham. https://doi.org/10.1007/978-3-030-57805-3_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-57805-3_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-57804-6
Online ISBN: 978-3-030-57805-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)