AAU Student Projects - visit Aalborg University's student projects portal
A master's thesis from Aalborg University
Book cover


DAMOCLES: Analysing Botnets in a Dynamic Network Environment

Authors

;

Term

4. semester

Education

Cyber Security, Master

Publication year

2023

Pages

96

Abstract

Botnets er netværk af computere, der er inficeret med skadelig software (malware) og styres af angribere. De udgør en stor trussel mod virksomheder og institutioner på tværs af brancher, ofte drevet af økonomiske eller politiske motiver. Fordi botnets udvikler sig hurtigt og kan være ødelæggende, undersøger forskere og praktikere dem i kontrollerede, sikre testmiljøer i stedet for på rigtige netværk. Det giver et bedre udgangspunkt for at forstå truslen og udvikle effektive forsvarsmetoder. Projekt DAMOCLES udvikler et dynamisk testmiljø til botnetanalyse. Det kombinerer en virkelig netværkstopologi med GNS3’s muligheder for emulering (et værktøj der kan efterligne netværk) og skaber et blandet miljø, der kan efterligne realistiske scenarier. Projektet har til formål at studere både botnettets infrastruktur og de tekniske muligheder, malwaren har. DAMOCLES kortlægger relevante teknologier til at bygge et sådant system og beskriver metoder til overvågning og logning for at analysere botnettets adfærd. Bidraget er en omfattende, trinvis vejledning i, hvordan man opstiller miljøet i praksis, med fokus på både fordele og udfordringer.

Botnets are networks of computers infected with malicious software (malware) and controlled by attackers. They pose a serious threat to organizations across sectors, often driven by financial or political goals. Because botnets evolve quickly and can be destructive, researchers and practitioners study them in controlled, safe environments rather than on live networks. This approach improves our understanding of the threat and supports better defense practices. Project DAMOCLES develops a dynamic testbed for botnet analysis. It combines a real network topology with the emulation capabilities of GNS3 (a tool that can simulate networks) to create a heterogeneous environment that mimics realistic scenarios. The project aims to examine both the botnet’s infrastructure and the capabilities of the malware involved. DAMOCLES reviews technologies for building such a system and outlines monitoring and logging methods to analyze botnet behavior. Its contribution is a comprehensive, step-by-step guide to deploying the environment, highlighting both benefits and challenges.

[This summary has been rewritten with the help of AI based on the project's original abstract]

Documents

Download
View record in AAU Student Projects