Attacking and Defending with Intelligent Botnets

Moises Danziger; Marco Aurelio Amaral Henriques; Marco Aurelio Amaral Henriques

doi:10.14209/sbrt.2017.259

Attacking and Defending with Intelligent Botnets

Moises Danziger, Marco Aurelio Amaral Henriques , Marco Aurelio Amaral Henriques

DOI: 10.14209/sbrt.2017.259

Evento: XXXV Simpósio Brasileiro de Telecomunicações e Processamento de Sinais (SBrT2017)

Keywords: Botnets Machine Learning Autonomous systems Intelligent Agents

Abstract

Machine learning (ML) has been seen as a great ally of security. All his potential to automate actions with some level of intelligence has called the attention of industry which is using it on security systems. However, attackers have also noted all ML potential. In a first moment, attackers have tried to fight MLbased security tools through the study and exploitation of weak points in ML techniques. It is named as adversarial machine learning. Besides this first application, someone could apply a ML-based tool directly against a security system. It is the case of intelligent botnets - a different type of botnet made of relatively intelligent bots which can take decisions by their own during the attack. So, in this work we are making a reflection on the future of botnets within the context of ML and showing that this kind of botnet could break the current detection approaches. We also point out to the need for creating new approaches to combat bots with some kind of intelligence. Moreover, we propose a theoretical model of intelligent bots, their possible impacts and combat strategies.

Download