97級-蘇文輝-基於新的金鑰管理建構P2P Botnet

97級-蘇文輝-基於新的金鑰管理建構P2P Botnet

[ 摘要 ]
近年來網路惡意攻擊駭客已經逐漸發展成組織化，形成一股趨利主義的勢力。發送大量垃圾信件、利用阻斷服務攻擊(denial-of-service, DoS)來勒索和點擊詐欺(click fraud)等等相關新聞事件都是未來趨勢的警告訊息。傀儡網路(Botnet)在這些惡意攻擊中，是份量極為重大的角色之一，許多攻擊者都利用傀儡網路來發動這些惡意攻擊以賺取利益。
目前以傀儡網路為主的攻擊變的流行和危險，因此有許多研究會致力於如何偵測、監控和防禦傀儡網路(Botnet)。目前大部分的研究是致力於C&C Botnet的研究，是最早出現、研究的傀儡網路，以Internet Relay Chat(IRC) 網路即時聊天系統為主的傀儡網路，而引導這些研究的成果來應付目前我們面對的威脅是必要的。然而還有許多更進階的傀儡網路會被攻擊者發展出來，我們必需提前去設法瞭解才能知己知彼，例如P2P傀儡網路相較於IRC傀儡網路，因為不存在集中的控制點，因此在對P2P傀儡網路的反制會更困難，因此要防禦要先瞭解攻擊，所以我們想要設法先了解，否則，我們未來在下一代的惡意攻擊仍處於被動的情況。
除了P2P惡意程式的惡意攻擊，也有學者提出以P2P良性Botnet來對抗惡意Botnet的分散式阻斷服務攻擊（Distributed Denial of Service,DDoS），因此良性Botnet的發展也是抵制目前網路上龐大的惡意程式攻擊的方法之一，因此我們導入的新型金鑰管理在P2P Botnet在良性Botnet的領域上是否有幫助，在未來也值得探討。

[ 英文摘要 ]
In the recently many years, Internet malware attack have become better organized and more profitable. Email spam, extortion by denial-of-attack, and click fraud represent something of this emerging trend. “Botnet” is the main cause of these problems, many attackers use it to do these malware attacks.
Because botnet-based attacks become popular and dangerous, security researchers have studied how to detect, monitor and defend against them. Most of the present research has focused on the C&C Botnets that have first occurred in the past, especially the Internet Relay Chat (IRC) based Botnet. It’s necessary to conduct such research so as to deal with the threat we are facing today. However, it’s important to research on the advanced Botnet that be designed by the attacker in the near future – P2P Botnet for example. Otherwise, we will remain susceptible to the future internet malware attacks.
In addition to the malicious attacks of the P2P malware, some academics have suggested to P2P friendly Botnet against distributed denial of service attacks (Distributed Denial of Service, DDoS) of the malicious Botnet. Therefore the development of friendly Botnet is one of the ways to resist the current network of malicious programs attack. We import a new key management in the field of benign Botnet to research into whether it is worth exploring in the future.