Author

Adam St. Onge

Abstract

The weakest link in detecting botnets is typically the communication channel. What if there was a possibility to leverage existing high-volume communication channels such as social networks for the command and control traffic of a botnet? Utilizing a social network such as Twitter has many advantages over alternative methods: when done properly, it is easier to hide in plain sight due to the high volume of normal chatter; the protocol and traffic are already established as known to many security systems and antivirus software; and it is highly available across the globe. Twitter is aware of the potential for people to use its network for nefarious purposes, so it has developed a series of advanced protection mechanisms that need to be bypassed. The simplest solution would be to acquire an API key for access to programmatically post and fetch messages to Twitter, but that would introduce a substantial weakness to the system. In the event that the traffic was identified once, Twitter could withdraw the API key and effectively shut down the botnet. To avoid this weakness we utilized web scraping technology and the mobile web site of Twitter, which has a smaller set of protection mechanisms. The system is implemented in Python utilizing an open source library, Mechanize, to scrape the mobile web site. The challenges encountered in successfully accessing Twitter's web site are shown. New social networks are being built every day, and the use of these types of networks for botnet communications presents a large opportunity and ultimately an urgent need for these network owners to become aware of the potential uses of their systems.

Library of Congress Subject Headings

Twitter--Security measures; Computer networks--Security measures; Online social networks--Security measures

Publication Date

12-1-2014

Document Type

Thesis

Student Type

Graduate

Degree Name

Networking and System Administration (MS)

Department, Program, or Center

Information Sciences and Technologies (GCCIS)

Advisor

Bill Stackpole

Advisor/Committee Member

Sylvia Perez-Hardy

Advisor/Committee Member

Daryl Johnson

Comments

Physical copy available from RIT's Wallace Library at TK5105.59 .S76 2014

Campus

RIT – Main Campus

Plan Codes

NETSYS-MS
