Research Critique

Introduction

The ability of attackers to rapidly gain control of a vast number of Internet hosts poses an immense threat to the overall security of the Internet (Staniford, Paxson & Weaver, 2002). Once compromised, these hosts can be used not only for massive Distributed Denial of Service (DDoS) attacks, but also to steal or corrupt great quantities of sensitive information by confusing and disrupting the network in more subtle ways (Honeynet, 2005).

The attackers accomplish this task by sending an intrusion agent commonly known as a worm. There are “two major types of malicious codes in the wild” (Todd, 2003, p. 2). These codes are differentiated by their means of propagation: worms are self-replicating and self-propagating, whereas viruses require some form of human interaction. Much as biological viruses cause disease in humans by compromising the body's defence mechanisms, worms can not only damage or shut down hosts or networks, but are also mutating and becoming more complex. Worms can carry payloads designed for specific malicious intent (Todd, 2003). According to Geer (2005), there is a less familiar threat that many experts say could be just as dangerous: malicious bot software. According to Nazario et al., the evolution of Internet worms will make them more difficult to identify and eradicate (Nazario, Anderson, Wash & Connelly, 2001).

Although the attack vector is in many cases more recent than the current list of malware, both in severity and frequency, the threat is still a real problem and there are many ways to attack it. Most are: malware-infected, software that infects host computer, such as worms and file injection, (Todd, 2005). Even in the case of software that infects host computer, this malware requires that it does not have an IP address. When such infection is successful the malware attempts a brute force attack by opening the source code on host computer and extracting this source code, causing a denial of service (DDoS) attack. If done correctly the original source code is executed on host computer. If done correctly the original malware code does not have the necessary information needed to successfully inject malicious code at the site, which is typically a domain name. When the original is executed the malicious payload is then executed directly on host computer.

The attackers accomplish this target by sending an intrusion agent commonly known as: worm. The worm injects code using a series of steps that will cause the web server to shut down. All attempts to open code within the browser on the first stage do not fail, and any further attempts during all steps will not run. As malware spreads through the browser to other websites, users in those domains or websites will get an error message which states which source, or source code, the software uses. Any attempt to open code within the browser will generate a new web url that redirects the user in this way. The worm injects code by following a similar pattern.

The attackers accomplish this target by sending an intrusion agent commonly known as: worm. The worm injects code by following a similar pattern. This is an extremely common type of worm. In general it is used to infect an Internet host (e.g. Microsoft Word and Word CC) through the attack of any malicious programs. A few of these malware can be identified by the worm in their payload. The more complex the worm injects and the more sophisticated the malicious programs it uses the more sophisticated it is known to appear at the affected domains. This is because the worm injects more code at more targets than the current list has in its list of malicious code items. In some cases it also does not work because the worm injects code more quickly than the current list lists. In another example the worm code that infects a website is actually a form of malware but it is more or less harmless. A malicious program can infect a website to extract IP addresses and the passwords of the targeted users that it attacks through a series of attacks at a compromised website. These attacks cause the sites to fall victim to worms that use the compromised server to load malware. For instance, the malicious worms can read the passwords of IP address spoofers and hijack their web pages. The same type of malware that infects any websites which are compromised by online spam can infect all websites on the affected host computer and even on the Web site. A website will be compromised because it will include malware that is the target of online spamming but then it can be infected even further. And yet worms still work and, by nature, it is not a problem.

Although a large portion of these worm infections are in the wild and are probably very subtle, some are a bigger issue than others.

A large portion of these worms are in the wild and are probably very subtle, some are a larger issue than others, but they are also relatively easy to detect and most of them have been successfully identified.

Hackers can install bots on multiple computers to set up “Malnets” or “Botnets” that they can use for massive DDoS attacks. Network security experts identify and shut down malnets with 10 to 100 compromised hosts several times a day. Large malnets with 10,000 compromised hosts are rare, but they still happen weekly; in addition, security investigators have found one malnet of 100,000 computers (Johannes, 2004).

Rationale for selecting this article

Long before the first known massive worm infection on the Internet in 1988, researchers had already started taking an interest in self-propagating and self-replicating software. The first article that discussed self-replicating code within a C compiler appeared in 1984, by Thompson. The Morris worm was launched in 1988 and had a devastating effect on the Internet (Todd, 2003).

Most research conducted so far has focused on modeling and detection of the Internet worm propagation. However, the final objective of the research is containment and elimination of these worms, which has not received enough research (Zheng & Duan).

This paper discusses a possible future network attack that will probably use an organized army of malicious nodes called malnets. These malnets are capable of delivering many different types of attacks. According to several researchers who are working on finding out how malicious worms propagate on the Internet, the ground has already been set (Honeynet, 2005; Zheng & Duan; Geer, 2005; Staniford, Paxson & Weaver, 2002). However, “partly due to the lack of understanding of the resiliency and efficiency a malnet can have, countering malnets has been ineffective” (Li, Ehrenkranz & Kuenning, 2005).

Placement of the article in the literature

The paper is very recent and appeared in 2005. Since the paper has an interesting and unique topic, both in the security of the Internet and in how distributed systems of malicious bots work, it can be considered both as emerging seminal work and as supporting the existing literature. The literature on self-propagating code emerged (Thompson, 1984) four years before the actual Morris worm attack in 1988, and made the paper a classic. The authors of this article utilize all resources at their disposal to address the major problem in the modern Internet. According to the authors, the second-wave attack can be very devastating and can disrupt the entire Internet.

[Previous work in this field has focussed on a few different ways of identifying a targeted attack. While the paper does make comparisons on the Internet and on machine attack techniques, a similar focus on the worm attack in our field is quite applicable to other forms of targeted attack, such as Internet attack and manual injection, both of which could be identified in this paper and other published literature as well.]

Acknowledgments Thanks for the work that has allowed us to develop this paper. The author’s name has been changed, and some authors have commented. As a thank you for your contribution and knowledge, I look forward to the next paper! Also, in thanks and love to the author for his continued contributions.

Footnotes. We would like to thank Dr. Michael Hutton for his research and contributions.

Author’s names are provided in bold text, no bold letters are required. For the most up to date version of all the researchers’ credit, see the cited section. A new version should be added as it becomes available.


Research question addressed in this paper

The authors of this paper introduce a new term, malnets, for what the literature commonly calls botnets: networks of compromised computers that work as an organized distributed system. They first justify why it is important to understand the efficiency and resiliency of malnets. The authors then use calculation and simulation to study the efficiency and resiliency characteristics of three types of malnets: the “Random malnet”, the “Small-world malnet”, and the “Gnutella-like malnet”. They attempt to answer the following two questions:

For a given malnet, if x nodes are randomly disinfected, what percentage of remaining nodes will remain connected?

What is the impact of a malnet's size on its resiliency?

They answer all these questions by studying the three types of malnets. Finally, a discussion of the simulation results is given along with related work.

Research Method involved

The research method used is simulation and calculation. They simulate all three types of malnets and calculate how long it will take the malicious code to propagate from the controller to any node in the malnet.

Findings

According to the authors, it will take 6 minutes for malicious code of about one megabyte to propagate on a malnet with one million malnodes, and it will require a maximum of 17 hops between any two nodes in a random malnet, if each malnode connects to a maximum of four nodes.

They further find that, although there is no direct organization in a random malnet, it is resilient. They tested 20 different 10,000-node malnets with different values of x. If they drop 1024 nodes randomly where the connectivity is r=2, the reachability is decreased 43.3%; however, if r=4, the reachability remains 99.8%.
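The first research question (how many surviving nodes stay connected after x random disinfections) can be explored with a small simulation. This is an added example, not code from the paper or this essay; it assumes a model in which each node links to r distinct random peers over undirected links and measures the share of surviving nodes in the largest connected component, so it does not reproduce the paper's figures.

```python
import random
from collections import deque

def build_random_overlay(n, r, rng):
    """Assumed model: every node links to r distinct random peers (undirected)."""
    adj = [set() for _ in range(n)]
    for node in range(n):
        # Draw r + 1 candidates so that a self-pick can be discarded.
        peers = [p for p in rng.sample(range(n), r + 1) if p != node][:r]
        for p in peers:
            adj[node].add(p)
            adj[p].add(node)
    return adj

def connected_fraction(adj, removed):
    """Share of surviving nodes that sit in the largest connected component."""
    alive = [v for v in range(len(adj)) if v not in removed]
    seen, largest = set(), 0
    for start in alive:
        if start in seen:
            continue
        seen.add(start)
        queue, size = deque([start]), 0
        while queue:  # breadth-first search over surviving nodes only
            v = queue.popleft()
            size += 1
            for w in adj[v]:
                if w not in removed and w not in seen:
                    seen.add(w)
                    queue.append(w)
        largest = max(largest, size)
    return largest / len(alive) if alive else 0.0

def mean_reachability(n, r, x, trials=5, seed=1):
    """Average connected share over several overlays after x random disinfections."""
    rng = random.Random(seed)  # fixed seed keeps the run repeatable
    total = 0.0
    for _ in range(trials):
        adj = build_random_overlay(n, r, rng)
        removed = set(rng.sample(range(n), x))  # nodes cleaned at random
        total += connected_fraction(adj, removed)
    return total / trials

if __name__ == "__main__":
    for r in (2, 4):
        for x in (200, 1000, 1500):
            print(f"r={r} x={x} connected={mean_reachability(2000, r, x):.3f}")
```

Raising r makes the overlay markedly harder to fragment by random cleanup, which is the qualitative effect the essay reports for r=2 versus r=4.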

To study small-world networks, the authors use the Watts and Strogatz model (1998). They used r=4 and disconnected 795 carefully selected nodes; however, if random nodes are disconnected, around 7000 to 8000 have to be removed to make the small-world malnet dysfunctional.

According to the simulation, Gnutella-like malnets stay connected even when 75% of the total nodes are dropped, and dropping around 87.5% of the nodes will still leave 97% of the nodes connected.

They conclude that even malnets with a relatively modest number of nodes are still very difficult to disconnect.

Significance of contribution

According to the authors, due to a lack of understanding of the resiliency and efficiency features a malnet can have, not much work has been done on disabling these malicious networks. The authors have shown that it

Cite this page

Authors Of This Article And Organized Army Of Malicious Nodes. (October 13, 2021). Retrieved from https://www.freeessays.education/authors-of-this-article-and-organized-army-of-malicious-nodes-essay/