Advanced Information Hiding Techniques for Modern Botnets
Luca Caviglione
2019
Abstract
The chapter discusses the most recent and sophisticated forms of steganography and information hiding that can be used to empower botnets. Specifically, it investigates techniques proposed in the academic literature and observed in the wild in real malware. Since steganography and information hiding can also be used to avoid detection of the software implementing the botnet, to implement some anti-forensics techniques, or to exploit local communications to bypass the sandboxes deployed within a host, the chapter also reviews and classifies the most promising mechanisms that could be used to engineer sophisticated, future botnets. With such a background, the chapter also introduces possible detection techniques as well as network architectures suited to counteracting the risks arising from botnets.