Botnet over Tor: The Illusion of Hiding
http://down--tech.blogspot.com/2015/01/botnet-over-tor-illusion-of-hiding.html
Botnet over Tor: The Illusion of Hiding
Nowadays, one of the main threats that the Internet users face are botnets. Botnets are employed for many kind of malicious activities; examples are DDoS, personal data theft, spam, bitcoin mining, and cyber-espionage. In the last ten years, the main antivirus vendors have reported a constant growth of botnets in the wild.
Traditionally, botnets are centralised overlay networks where the Command-and-Control (C&C) servers act as single point of control. Centralised botnets are easy to manage and maintain due to their centralised structure. A botmaster has a clear overview of the overlay network and she manages the bots, which, in turn, connect to the C&C servers to be reachable. Nevertheless, this architecture has an important drawback: the C&C servers are exposed and represent a single point of failure. Hence, by taking down the C&C servers, the whole botnet is defeated.
Link :- https://ccdcoe.org/cycon/2014/proceedings/d3r2s3_casenove.pdf
