Researchers Develop Simulated Botnet To Understand Botnet Behavior
Computer scientists working with the U.S. Department of Energy at California-based Sandia National Laboratories announced in the last week of July 2009 that they had built a simulated botnet of over 1m PCs.
According to them, researchers using the botnet would be able to study the workings of a simulated network of 10m online PCs. The experiment would also help experts understand more accurately how botnets work and how they can be combated.
In the gigantic botnet simulation, researchers led by Don Rudish and Ron Minnich managed to boot over 1m kernels (the kernel being the core element of most operating systems), treating them as virtual machines. Previously, researchers could build a simulated network of only 20,000 bots. SCMagazine published this on July 31, 2009.
Although the foundation of the current simulated botnet has been built, the researchers have not yet operated it. They will begin operation during the project's second phase, which starts on October 1, 2009 and continues for 3 years.
Describing the problems encountered during the experiment, the researchers stated that botnets were hard to analyze because infected PCs were so widespread. Minnich added that, in his view, the people who created botnets were simply brilliant and also put a great deal of effort into making their infected networks difficult to detect.
Regrettably, researchers still know little about how botnets really function. They are therefore thinking of using the new Red Sky supercomputer, currently under construction at the lab, to build a system of 10m kernels into which botnet software would be loaded, after which the system would be observed for results, Rudish said.
Other groups of researchers have also replicated botnet behavior in zombie PCs, but not enough is known about how botnets actually run. The experiment at Sandia would be different because it closely resembles a real-world situation, in which the network would appear to have 10m PCs online simultaneously, Rudish said.
As for the project's cost, the researchers estimated a direct cost of approximately US$100,000.
» SPAMfighter News - 19-08-2009