A Threat to Cyber Resilience: A Malware Rebirthing Botnet

Authors

Murray Brand, Edith Cowan UniversityFollow
Craig Valli, Edith Cowan UniversityFollow
Andrew Woodward, Edith Cowan UniversityFollow

Document Type

Article

Publisher

School of Computer and Information Science, Security Research Centre, Edith Cowan University, Perth, Western Australia

Comments

Originally published in the Proceedings of the 2nd International Cyber Resilience Conference, Edith Cowan University, Perth Western Australia, 1st - 2nd August 2011

Abstract

This paper presents a threat to cyber resilience in the form of a conceptual model of a malware rebirthing botnet which can be used in a variety of scenarios. It can be used to collect existing malware and rebirth it with new functionality and signatures that will avoid detection by AV software and hinder analysis. The botnet can then use the customized malware to target an organization with an orchestrated attack from the member machines in the botnet for a variety of malicious purposes, including information warfare applications. Alternatively, it can also be used to inject known malware signatures into otherwise non malicious code and traffic to overloading the sensors and processing systems employed by intrusion detection and prevention systems to create a denial of confidence of the sensors and detection systems. This could be used as a force multiplier in asymmetric warfare applications to create confusion and distraction whilst attacks are made on other defensive fronts.