<div class="csl-bib-body">
<div class="csl-entry">Frkat, D. (2019). <i>Subliminal channels in Blockchain applications for Hidden Botnet communication</i> [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2019.57700</div>
</div>
-
dc.identifier.uri
https://doi.org/10.34726/hss.2019.57700
-
dc.identifier.uri
http://hdl.handle.net/20.500.12708/13797
-
dc.description.abstract
Botnets provide very powerful infrastructures for various malicious activities on the Internet. The aim of botnet operators is to produce an economically cheap, logistically feasible, hidden, fast, and robust Command and Control (C&C) network, which is rather difficult to obstruct in its functions and ideally impossible to take down. In the past, the race between botnet developers and their adversaries, such as competing botnet operators or authorities, led to highly innovative and sophisticated command and control (C&C) infrastructures [1]. The main weak point and leverage against botnets often turned out to be a vulnerability in the C&C concept, which could be used for the detection and take-down of the botnet [2, 3]. At the same time, many blockchain applications, such as cryptocurrencies, are widely adapted, partly because of its volatile financial value and growing ecosystem. With their decentralized, public, resilient and immutable characteristics, blockchain technology holds the potential to serve as the ideal medium for botnet C&C - especially when paired with suitable hiding techniques. The goal of this thesis is to introduce and analyze a novel approach by utilizing a popular and widely used broadcast medium, blockchain applications. The aim is to exploit the concept of subliminal channels, which is presented in Chapter 5. This new concept of multicasting over public blockchains is named ChainChannels and was partly published in [4]. The name of the concept refers to subliminal channels, the blockchain as the medium and also to the fact that the messages in this communication scheme are linked to the previous steps and thus chained together. For the purpose of distributing messages, we include subliminal information in the digital signatures used to secure blockchain transactions. Since digital signatures are essential for the operation of blockchains, they provide a distributed transmission method that can be exploited by botnet operators. We show how the keying material (needed to extract the subliminal information) can be distributed secretly to the bots such that storing the private key in advance in a bot can be avoided and take-over by an adversary that acquired information from a compromised bot is prevented. An adversary can follow the communication with a compromised bot but cannot take control over the botnet. As proof of concept we injected a subliminal message in the Bitcoin blockchain and explain how the subliminal information can be extracted. We also implemented our method to leak the private key in the experiment so that the applicability of our method can be verified. ChainChannels is not restricted to a specific blockchain and is robust against takeover, since it only depends on signatures which are used for the blockchain and the immutable and available block. Even with knowledge of the subliminal message and the key, botnet commands cannot be forged and the size of botnet remains unknown. Furthermore, we analyze the various transaction patterns which are generated by the novel communication scheme and compare them to real blockchain data to find the most viable mode of operation for the communication scheme.
en
dc.language
English
-
dc.language.iso
en
-
dc.rights.uri
http://rightsstatements.org/vocab/InC/1.0/
-
dc.subject
botnet
en
dc.subject
subliminal channels
en
dc.subject
blockchain
en
dc.subject
Bitcoin
en
dc.title
Subliminal channels in Blockchain applications for Hidden Botnet communication
en
dc.type
Thesis
en
dc.type
Hochschulschrift
de
dc.rights.license
In Copyright
en
dc.rights.license
Urheberrechtsschutz
de
dc.identifier.doi
10.34726/hss.2019.57700
-
dc.contributor.affiliation
TU Wien, Österreich
-
dc.rights.holder
Davor Frkat
-
dc.publisher.place
Wien
-
tuw.version
vor
-
tuw.thesisinformation
Technische Universität Wien
-
dc.contributor.assistant
Annessi, Robert
-
tuw.publication.orgunit
E389 - Telecommunications
-
dc.type.qualificationlevel
Diploma
-
dc.identifier.libraryid
AC15383214
-
dc.description.numberOfPages
97
-
dc.identifier.urn
urn:nbn:at:at-ubtuw:1-125508
-
dc.thesistype
Diplomarbeit
de
dc.thesistype
Diploma Thesis
en
dc.rights.identifier
In Copyright
en
dc.rights.identifier
Urheberrechtsschutz
de
tuw.advisor.staffStatus
staff
-
tuw.assistant.staffStatus
staff
-
tuw.advisor.orcid
0000-0002-5391-467X
-
item.languageiso639-1
en
-
item.fulltext
with Fulltext
-
item.openaccessfulltext
Open Access
-
item.mimetype
application/pdf
-
item.openairetype
master thesis
-
item.grantfulltext
open
-
item.openairecristype
http://purl.org/coar/resource_type/c_bdcc
-
item.cerifentitytype
Publications
-
crisitem.author.dept
E350 - Fakultät für Elektrotechnik und Informationstechnik