The White-hat Bot: A Novel Botnet Defense Strategy

By: TSgt Tyrone C. Gubler

Welcome to my thesis project page. This is a work in progress and more information will be posted as the project progresses.

Thesis Abstract

Botnets are a threat to computer systems and users around the world. Botmasters can range from annoying spam email propagators to nefarious criminals. These criminals attempt to take down networks or web servers through distributed denial-of-service attacks, to steal corporate secrets, or to launder money from individuals or corporations. As the number and severity of successful botnet attacks rise, computer security experts need to develop better early-detection and removal techniques to protect computer networks and individual computer users from these very real threats. I will define botnets and describe some of their common purposes and current uses. Next, I will reveal some of the techniques currently used by software security professionals to combat this problem. Finally, I will provide a novel defensive strategy, the White-hat Bot (WHB), with documented experiments and results that may prove useful in the defense against botnets in the future.

Simple SampleBot sequence diagram

This is the simplest of the 3 simulated evil botnets used in my research. The other two simulate the real-world Torpig and BlackEnergy botnets.

If you have questions, please feel free to contact me about this project at my personal email address: tygubler@gmail.com

Page last updated 9 April 2012