“… Why Tigers Eat Their Young”
Posted by cadsmith on August 23, 2009
While not yet at the stage of mob behavior resulting from nanobots or neurobots within an internet of genes, the issue of botnets becomes more dramatic due to the simultaneous ease of concealment and scale of effect. Defensive efforts on all sides include a sort of phylogeny, or species differentiation, for next generation networks that seek immunity from compromise, e.g. infrastructure utilities, government, and branches of robotics dedicated to security applications. Bots can be bought, and their nets, at least temporarily, assigned to arbitrary tasks through software which is downloaded to all, or specific, clients under herder control. Ideally, this will not reach things like online or absentee ballots in an election, or tax calculations, or the command-and-control systems of emergency management agencies. Pirate applications beat the system by routing transactions world-wide so that illicit goods or services, possibly counterfeit, can easily be distributed and rewards laundered. This is a lucrative franchise which depends upon the unemployed or uneducated to carry out the client recruiting and administration using relatively cheap and easy software developed by experts. There are reports of use against enemies of the state. Government enacts laws to neutralize perpetrators and track and whack cashflow. Military shuts down offenders, which may have a high attrition rate as alternate networks assume the load to continue operations. Networks form supercomputers which both allow rapid development and introduce extreme risks. Consider a virtual API to perform large-scale functions using available resources, either open-source or heavily funded from illicit gains from fraud or extortion, so that the villains think that they have control of the internet and related intelligence gathering. (Incidentally, the title is part of a quote attributed to Al Capone.) Right now there is a lot of infighting.
Eventually virtual PCs, possibly disposed of after they carry out actions, exhibit a realtime battle for supremacy. If media is based on volume, then there may seem to be social effects which are actually automatically generated.
Scientific methodology has previously yielded solutions for past grand challenges, so timely participation is invited, e.g. on the part of testers. Ultimately there is a trade-off between public awareness reducing market size as user experience degenerates and social overhead costs climb, and arms-dealer-types attempting to increase the security market.
Researchers may neutralize botnets and leave them installed for active metrics as they interact with others. Custom admin apps add commands for performance analysis, antivirus monitoring and various alarms. This begins from familiar intranet and web testing and proceeds to reveal relevant structures and anomalies for botnets. Reports include statistics about number of clients and servers, non-intrusive network flow analysis, bandwidths, attack profiles, channel characterization, local or remote or coordinated bursty or persistent effects, dormancy periods to evade detection, encryption types, static and temporary IP addresses, types of accounts, and website or device degradation and downtime. There are filters at DNS registrars, some of which turn out to be rogues.
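As an added illustration (not code from the original post), the sketch below computes a few of the report statistics listed above from passively collected flow records: clients per server, byte volume, dormancy periods and a bursty or persistent label. The record layout, the thresholds and the sample addresses are assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample flows: (unix_time_s, client_ip, server_ip, bytes).
# Addresses come from documentation ranges (RFC 5737); none are real indicators.
SAMPLE_FLOWS = [
    (0, "192.0.2.10", "198.51.100.5", 400),
    (20, "192.0.2.11", "198.51.100.5", 420),
    (40, "192.0.2.12", "198.51.100.5", 380),
    (7200, "192.0.2.10", "198.51.100.5", 410),
    (7220, "192.0.2.11", "198.51.100.5", 390),
] + [(t, "192.0.2.20", "203.0.113.9", 1000) for t in range(0, 7201, 600)]


def summarize(flows, bucket_s=600, dormancy_s=3600):
    """Per-server report built only from flow metadata (no payload inspection).

    bucket_s and dormancy_s are assumed thresholds, to be tuned per network.
    """
    by_server = defaultdict(list)
    for ts, client, server, nbytes in flows:
        by_server[server].append((ts, client, nbytes))

    report = {}
    for server, recs in by_server.items():
        recs.sort()
        times = [r[0] for r in recs]
        span = times[-1] - times[0]
        total = sum(r[2] for r in recs)
        # Dormancy periods: silent gaps between consecutive flows above the threshold.
        dormant = [(a, b) for a, b in zip(times, times[1:]) if b - a > dormancy_s]
        # Share of fixed-size time buckets in the observed span that carried traffic.
        n_buckets = span // bucket_s + 1
        active = len({(t - times[0]) // bucket_s for t in times})
        report[server] = {
            "clients": len({r[1] for r in recs}),
            "flows": len(recs),
            "bytes": total,
            "avg_bytes_per_s": total / span if span else None,
            "dormancy_periods": dormant,
            "pattern": "persistent" if active / n_buckets >= 0.5 else "bursty",
        }
    return report


if __name__ == "__main__":
    for server, stats in sorted(summarize(SAMPLE_FLOWS).items()):
        print(server, stats)
```

On the constructed sample, the first server shows short coordinated bursts from three clients separated by a long silent gap, while the second shows steady traffic from a single client.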
Also see topic wiki.
Image: Circle of Spam