Abstract

The focus on computer security has increased due to the ubiquitous use of the Internet. Botnets are one of the biggest cyber threats. A botnet is malware controlled by a Botmaster using Command and Control (C&C). A botnet expands by infecting fresh computers through social networking sites like Facebook, Twitter, etc. ZeuS is a well-known type of botnet used for financial gain. It targets bank websites to steal users' credentials such as passwords, credit card information, etc. In this paper, an application framework is designed for the analysis and detection of a ZeuS bot residing on a victim's host machine. The detection phase is based on analysis of the bot's infection strategy, that is, the way it affects the victim's PC. All the related files are wiped from the system in the removal phase. The communication between the command and control server and the victim machine is analysed in a virtual environment.

Highlights

  • The remarkable growth of Internet technologies over the past few years has changed the lifestyle of most people.

  • The majority of ZeuS infections go unnoticed by antivirus products. Most of the products are unable to detect the bot's presence, as it hides itself and appears as a system file on the victim's machine. The bot could be detected only prior to the execution of the executable. A large number of ZeuS infections occur on machines that have an up-to-date antivirus product installed [14].

  • The ZeuS botnet experimental setup and analysis is performed in a virtual environment (Figure 5) with two machines, i.e. a “Bot victim” and a “command and control (C&C) server”, that are isolated from the host machine running VMware and from the Internet [11].


Summary

INTRODUCTION

The remarkable growth of Internet technologies over the past few years has changed the lifestyle of most people. Botnets target data stealing, cyber attacks such as DDoS, and hacking into bank accounts for financial gain. The objectives of botnets have developed from corrupting or stealing computer data to financial gain or a way to make a huge fortune. The Command & Control (C&C) structure is the way a Botmaster communicates with the slaves, or Bots. A general keylogger captures every keystroke, but ZeuS can be configured to grab form information from targeted bank websites, online stores, etc. The communication between the bot and the command and control server is done using the HTTP protocol (Figure 3). Whenever the bot needs to send information to the command and control server, it sends a POST request to the url_server URL specified in the dynamic configuration file. The analysis of the ZeuS bot is performed in three layers, i.e. the binary, application and communication layers [15].
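
The POST-to-url_server behaviour described above gives defenders a simple network indicator. The following is an added example, not code from the paper: it scans proxy log lines for POST requests to a url_server value recovered during analysis and summarises them per client. The log format, the client addresses and the `c2.example.invalid` URL are constructed placeholders.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: url_server values recovered from a sample's dynamic configuration
# during analysis. Placeholder value, not taken from the paper.
URL_SERVERS = {"http://c2.example.invalid/drop"}

# Constructed proxy log lines: "<epoch> <client_ip> <method> <url> <bytes_sent>"
SAMPLE_LOG = """\
1700000000 10.0.0.5 GET http://c2.example.invalid/cfg 0
1700000060 10.0.0.5 POST http://C2.example.invalid:80/drop 412
1700000100 10.0.0.9 POST http://shop.example.invalid/checkout 230
1700001260 10.0.0.5 POST http://c2.example.invalid/drop?x=1 388
1700001300 10.0.0.7 GET http://c2.example.invalid/drop 0
malformed line
"""

def normalize(url):
    """Lower-case scheme and host, drop the default port, query and fragment."""
    p = urlsplit(url)  # urlsplit already lower-cases scheme and hostname
    default = {"http": 80, "https": 443}.get(p.scheme)
    host = p.hostname or ""
    netloc = host if p.port in (None, default) else f"{host}:{p.port}"
    return f"{p.scheme}://{netloc}{p.path or '/'}"

def find_reports(log_text, url_servers):
    """Return {client_ip: summary} for POST requests sent to a url_server."""
    wanted = {normalize(u) for u in url_servers}
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None, "bytes": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines instead of failing the whole scan
        ts, client, method, url, size = parts
        try:
            ts, size = int(ts), int(size)
            target = normalize(url)  # raises ValueError on an invalid port
        except ValueError:
            continue
        if method.upper() != "POST" or target not in wanted:
            continue  # GETs to the same host are not the reporting channel
        h = hits[client]
        h["count"] += 1
        h["first"] = ts if h["first"] is None else min(h["first"], ts)
        h["last"] = ts if h["last"] is None else max(h["last"], ts)
        h["bytes"] += size
    return dict(hits)

if __name__ == "__main__":
    print(find_reports(SAMPLE_LOG, URL_SERVERS))
```
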

Application layer analysis
Communication layer analysis
The Zeus Builder Program Analysis
Zeus Bot Binary Analysis
Bot Detection System
Firewall Status
Check Bot Infection
Bot Removal
Monitoring Module
CONCLUSION