Search results
1 – 10 of 179
Ok‐Ran Jeong, Chulyun Kim, Won Kim and Jungmin So
Abstract
Purpose
A botnet is a network of computers on the internet infected with software robots (or bots). There are numerous botnets, and some of them control millions of computers. Cyber criminals use botnets to launch spam e‐mails and denial of service attacks; and commit click fraud and data theft. Governments use botnets for political purposes or to wage cyber warfare. The purpose of this paper is to review the botnet threats and the responses to the botnet threats.
Design/methodology/approach
The paper describes how botnets are created and operated. Then, the paper discusses botnets in terms of architecture, attacking behaviors, communication protocols, observable botnet activities, rally mechanisms, and evasion techniques. Finally, the paper reviews state‐of‐the‐art techniques for detecting and counteracting botnets, and also legal responses to botnet threats.
Findings
Botnets have become the platform for many online threats such as spam, denial of service attacks, phishing, data thefts, and online frauds. Security researchers must develop technology to detect and take down botnets, and governments must develop capacity to crack down on botmasters and botnets. Individual computer owners must diligently take measures to keep their computers from becoming members of botnets.
Originality/value
The paper provides a review of current status of botnets and a summary of up‐to‐date responses to botnets in both technical and legal aspects, which can be used as a stepping stone for further research.
Geetha K. and Brahmananda S.H.
Abstract
Purpose
IoT has a wide range of applications in the health-care sector and has captured the interest of many academic and industrial communities. The health IoT devices suffer from botnet attacks as all the devices are connected to the internet. An army of compromised bots may form to launch a DDoS attack, steal confidential data of patients and disrupt the service, and hence detecting this army of bots is paramount. This study aims to detect botnet attacks in health IoT devices using the deep learning technique.
Design/methodology/approach
This paper focuses on designing a method to protect health IoT devices from botnet attacks by constantly observing communication network traffic and classifying it as benign or malicious flows. The proposed algorithm analyzes the health IoT network traffic using bidirectional long short-term memory (BiLSTM), a deep learning technique. The IoT-23 data set is considered for this research as it includes diverse botnet attack scenarios.
Findings
The performance of the proposed method is evaluated using attack prediction accuracy. It results in the highest accuracy of 84.8%, classifying benign and malicious traffic.
Originality/value
The proposed method constantly monitors the health IoT network to detect botnet attacks and classifies the traffic as benign or attack. The system is implemented using the BiLSTM algorithm and trained using the IoT-23 data set. The diversity of attack scenarios of the IoT-23 data set demonstrates the proposed algorithm's competence in detecting botnet types in a heterogeneous environment.
Armando Miraglia and Matteo Casenove
Abstract
Purpose
This paper proposes an approach to deal with malware and botnets, which in recent years have become one of the major threats in the cyber world. These malicious pieces of software can cause harm not only to the infected victims but also to actors at a much larger scale. For this reason, defenders, namely, security researchers and analysts, and law enforcement have fought back and contained the spreading infections. However, the fight is fundamentally asymmetric.
Design/methodology/approach
In this paper, the authors argue the need to equip defenders with more powerful active defence tools such as malware and botnets, called antidotes, which must be used as last resort to mitigate malware epidemics. Additionally, the authors argue the validity of this approach by considering the ethical and legal concerns of leveraging sane and compromised hosts to mitigate malware epidemics. Finally, the authors further provide evidence of the possible success of these practices by applying their approach to Hlux, Sality and Zeus malware families.
Findings
Although attackers have neither ethical nor legal constraints, defenders are required to follow much stricter rules and develop significantly more intricate tools. Additionally, attackers have been improving their malware to make them more resilient to takeovers.
Originality/value
By combining existing research, the authors provide an analysis and possible implication of a more intrusive yet effective solution for fighting the spreading of malware.
Brenden Kuerbis and Farzaneh Badiei
Abstract
Purpose
There is growing contestation between states and private actors over cybersecurity responsibilities, and its governance is ever more susceptible to nationalization. The authors believe these developments are based on an incomplete picture of how cybersecurity is actually governed in practice and theory. Given this disconnect, this paper aims to provide a cohesive understanding of the cybersecurity institutional landscape.
Design/methodology/approach
Drawing from institutional economics and using extensive desk research, the authors develop a conceptual model and broadly sketch the activities and contributions of market, networked and hierarchical governance structures and analyze how they interact to produce and govern cybersecurity.
Findings
Analysis shows a robust market and networked governance structures and a more limited role for hierarchical structures. Ex ante efforts to produce cybersecurity using purely hierarchical governance structures, even buttressed with support from networked governance structures, struggle without market demand like in the case of secure internet identifiers. To the contrary, ex post efforts like botnet mitigation, route monitoring and other activities involving information sharing seem to work under a variety of combinations of governance structures.
Originality/value
The authors’ conceptual framework and observations offer a useful starting point for unpacking how cybersecurity is produced and governed; ultimately, we need to understand if and how these governance structure arrangements actually impact variation in observed levels of cybersecurity.
Abstract
Purpose
This strategy significantly reduces the computational overhead and storage overhead required when using the kernel density estimation method to calculate the abnormal evaluation value of the test sample.
Design/methodology/approach
To deal effectively with the security threats that botnets pose to the home and personal Internet of Things (IoT), and in particular with the problem of insufficient resources for anomaly detection in the home environment, a novel lightweight IoT anomaly traffic detection method based on kernel density estimation and federated learning (KDE-LIATD) is proposed. First, the KDE-LIATD method uses Gaussian kernel density estimation to estimate, from the normal samples in the training set, the probability density function of each dimensional feature and the corresponding probability density. Then, a feature selection algorithm based on kernel density estimation obtains the features that make outstanding contributions to anomaly detection, thereby reducing the feature dimension while improving the accuracy of anomaly detection. Finally, the anomaly evaluation value of the test sample is calculated by the cubic spline interpolation method and anomaly detection is performed.
Findings
The simulation experiment results show that the proposed KDE-LIATD method is relatively strong in the detection of abnormal traffic for heterogeneous IoT devices.
Originality/value
With its robustness and compatibility, it can effectively detect abnormal traffic of household and personal IoT botnets.
Abstract
Purpose
The issue of cybersecurity has been cast as the focal point of a fight between two conflicting governance models: the nation-state model of national security and the global governance model of multi-stakeholder collaboration, as seen in forums like IGF, IETF, ICANN, etc. There is a strange disconnect, however, between this supposed fight and the actual control over cybersecurity “on the ground”. This paper aims to reconnect discourse and control via a property rights approach, where control is located first and foremost in ownership.
Design/methodology/approach
This paper first conceptualizes current governance mechanisms through ownership and property rights. These concepts locate control over internet resources. They also help us understand ongoing shifts in control. Such shifts in governance are actually happening: security governance is being patched left and right, but these arrangements bear little resemblance to either the national security model of states or the global model of multi-stakeholder collaboration. With the conceptualization in hand, the paper then presents case studies of governance that have emerged around specific security externalities.
Findings
While not all mechanisms are equally effective, in each of the studied areas, the author found evidence of private actors partially internalizing the externalities, mostly on a voluntary basis and through network governance mechanisms. No one thinks that this is enough, but it is a starting point. Future research is needed to identify how these mechanisms can be extended or supplemented to further improve the governance of cybersecurity.
Originality/value
This paper bridges together the disconnected research communities on governance and (technical) cybersecurity.
Abstract
Purpose
The purpose of this paper is to describe how malware can harm the library's computers, and how technology can be used to protect them, in a way that can be understood by the non‐technical.
Design/methodology/approach
The searches encompassed articles and books on the issues of malware and technology‐based code organisms.
Findings
There were complex issues dealing with hackers and other malevolent and unscrupulous characters trying to break into computer systems for profit.
Research limitations/implications
Only small indicators of the overall problem have been addressed. Much more has to be investigated and learned.
Practical implications
It is advisable to learn to protect your computers more effectively when “online.”
Originality/value
Although much has been written about the problem, few articles offer concrete solutions to the problems.
The cybersecurity of consumer IoT devices has been a serious concern ever since the 2016 distributed denial-of-service (DDoS) attacks launched through the Mirai botnet exploited…
Details
DOI: 10.1108/OXAN-DB281264
ISSN: 2633-304X
Abstract
Purpose
Over a two‐month period, the editor of this media review has searched worldwide for the most interesting and useful articles, blogs and books on the topic of strategic management.
Design/methodology/approach
In addition to his own finds, the editor sorted through suggestions by a team of veteran top managers and senior academics.
Findings
The result is a surprisingly diverse set of media articles about strategy and leadership on such topics as brand bruising, executive compensation at Detroit automakers, walled garden idea, Russian high‐tech boom, botnets threat, new LBO worker/management model, downsizing as restoration, four principles of luxury brands, growing economic ties between Asia and the Middle East, Indian automaker confront deregulation, addressing and adapting to global warming, commoditizing the Starbucks brand, Silicon Valley's geographical advantage, collaborative networks, new pricing strategies, dollar's reserve‐currency status.
Practical implications
URL links and references have been provided for the articles so that managers can easily follow up this quick scan of the media by reading the articles in full.
Originality/value
Provides a snapshot of what managers are reading and a guide to trends and fresh thinking.