Chinese Journal of Network and Information Security, 2021, Vol. 7, Issue (4): 30-41. doi: 10.11959/j.issn.2096-109x.2021070
Topic I: Network Security: Attack and Defense
Hao ZHAO, Hui SHU, Fei KANG, Ying XING
Revised: 2021-05-17
Online: 2021-08-01
Published: 2021-08-01
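Hao ZHAO, Hui SHU, Fei KANG, Ying XING. High resistance botnet based on smart contract[J]. Chinese Journal of Network and Information Security, 2021, 7(4): 30-41.

Symbol | Meaning |
S | Highly trusted super bot node S, i.e., the actual controlling node of a bot subnet |
Block | A block in the blockchain; blocks are linked in sequence to form the complete blockchain (inside the dashed ellipse in the figure) |
FN | A node that maintains a complete copy of the blockchain data, called a full node |
FNB | A bot node that becomes a full node after being infected by the botnet, i.e., a full node bot |
LN | A node that maintains only an index of the complete blockchain data, called a light node |
LNB | A bot node that becomes a light node after being infected by the botnet, i.e., a light node bot |
Cmd | An attack command or control instruction from the botmaster, forwarded by super node S |
Msg | Node status information or attack-execution feedback reported to the botmaster by the bot nodes (FNB and LNB) |
Return channel | The communication channel over which bot nodes send data back to the controlling node S |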
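
No. | Variable or function name | Description |
1 | command | Struct variable that carries a specific command; composed of items 2, 3 and 4 |
2 | attack | string type; the attack method, e.g. syn flood, http get |
3 | target | string type; the address or domain name of the attack target |
4 | duration | string type; the duration of the attack activity |
5 | botmaster | address type; the account address of the botnet controller, i.e., the account of node S |
6 | contractAddress | address type; the contract account address |
7 | toAllBots | command struct type; the command broadcast to all bot nodes |
8 | singleBot | command struct type; the command unicast to a specified bot node |
9 | botnetChannel(address b) | Contract constructor; specifies the contract initiator |
10 | newContractAddress(address n) | Contract address update function |
11 | getContractAddress() | Contract address retrieval function |
12 | sendCommandtoAllBots(string a, string t, string d) | Broadcast command sending function; when run, it first verifies the caller's identity to confirm that the command is authentic |
13 | sendCommandtoSingleBot(string a, string t, string d, address s) | Unicast command sending function; when run, it first verifies the caller's identity to confirm that the command is authentic |
14 | getCommand_all( ) | Broadcast command retrieval function |
15 | getCommand_single( ) | Unicast command retrieval function |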
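
Category A | Indicator a | Weight w |
A1 (default configuration) | a11: Check the result returned by the ping program (honeypots often return the same result) | w11 |
 | a12: Check whether common username/password pairs can log in | w12 |
 | a13: Check whether the hostname is normal | w13 |
 | a14: Check the versions of software such as Telnet, OpenSSH and Apache | w14 |
 | …… | … |
A2 (system commands) | a21: Check the execution results of common Linux command-line operations (such as "cd ~/,$?") | w21 |
 | a22: Check the execution results of loop-structure commands (honeypots report an error) | w22 |
 | a23: Check the results of command-line operations with options (such as -help) | w23 |
 | …… | … |
A3 (abnormal behavior) | a31: Check network latency | w31 |
 | a32: Check the latency of system component calls | w32 |
 | a33: Check the number of open ports (a normal system generally has no more than 5) | w33 |
 | a34: Check whether files created before a reconnection still exist after it | w34 |
 | a35: Check for markers of monitoring software | w35 |
 | …… | … |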