Abstract
As the root cause of illegal cyber activities, botnets are evolving continuously over the last two decades. Current researches on botnet command and control mechanism based on blockchain network suffer from high economic cost, single point of failure, and limited scalability. In this paper, we present DUSTBot, a novel P2P botnet model based on Bitcoin transactions to prepare for new cyber threats. Specifically, a covert, duplex, and low-cost command and control (C&C) channel in the Bitcoin network is presented in our work. DUSTBot uses the Bitcoin main network as the downstream channel while using the Bitcoin testnet as the upstream channel. Furthermore, the peer list exchange algorithm based on the Ethereum block hash proposed in this paper is effective against routing table poisoning attack and P2P botnet crawling. The robustness of DUSTBot against node removal is studied through constructing the botnet with a P2P simulator. We deploy the implementation of DUSTBot on cloud platforms to test its feasibility and performance. Moreover, the stealthiness of DUSTBot and the effectiveness of the proposed peer list exchange algorithm are evaluated. The results demonstrate the feasibility, performance, stealthiness, and robustness of DUSTBot. In the end, possible countermeasures are discussed to mitigate similar threats in the future.
Highlights
With the fast development of the Internet, the number of devices accessing the network, especially the Internet-of-Things (IoT) devices grows continually
The roundtrip time (RTT) of DUSTBot is expected to be larger than ZombieCoin
The RTT of BOTCHAIN is expected to be close to DUSTBot
Summary
With the fast development of the Internet, the number of devices accessing the network, especially the Internet-of-Things (IoT) devices grows continually. Gartner [1] forecasts that up to 20 billion network devices will be connected to the Internet by 2020. As the main cyber threat, botnet consists of a network of compromised computers (personal computer, mobile phones, or smart devices) controlled by a remote attacker (“botmaster”) [2]. Botnets may be the source of many cyber-attacks, including data exfiltration, E-mail spam, phishing, distributed denial-of-service (DDoS) attack [3], extortion [4], and cryptocurrency mining [5]. Compared to other Internet malware, the feature of command-and-control (C&C) communication makes the botnet unique. A covert and reliable C&C channel ensures the robustness of a botnet. Once the centralized C&C server is taken down, the botnet will be shut down
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
