Anton Alexanenkov - Tor and Botnet C&C
-
Upload
defconrussia -
Category
Technology
-
view
335 -
download
1
description
Transcript of Anton Alexanenkov - Tor and Botnet C&C
![Page 1: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/1.jpg)
А. АлексаненковА. Печенкин
Tor в роли анонимайзера для C&C
ботнета
![Page 2: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/2.jpg)
![Page 3: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/3.jpg)
![Page 4: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/4.jpg)
![Page 5: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/5.jpg)
![Page 6: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/6.jpg)
![Page 7: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/7.jpg)
![Page 8: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/8.jpg)
![Page 9: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/9.jpg)
![Page 10: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/10.jpg)
14
![Page 11: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/11.jpg)
15
![Page 12: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/12.jpg)
descriptor-id = H(public-key-id || secret-id-part)
secret-id-part = H(descriptor-cookie || time-period || replica-index)
H -- SHA-1 хэш|| -- конкатенацияpublic-key-id -- идентификатор публичного ключа сервисаdescriptor-cookie -- опционально, для авторизации клиентовtime-period -- сутки в UNIX форматеreplica-index -- порядковый номер копии дескриптора (всего их 2)
Вычисление идентификатора дескриптора
![Page 13: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/13.jpg)
● Проверка наличия соединения между двумя узлами -- by design
● DoS атака на Tor ПО -- fixed
● Случай работы скрытого сервиса
и рядового узла на одной машине
Всякое
![Page 14: Anton Alexanenkov - Tor and Botnet C&C](https://reader033.fdocuments.net/reader033/viewer/2022051513/5463998bb1af9fce588b45b3/html5/thumbnails/14.jpg)
● Privacy-enhancing Technologies for Private Services, K.Loesing
● Resilient Botnet Command and Control with Tor, D. Brown
● Trawling for Tor Hidden Services: Detection, Measurement,
Deanonymization, A. Biryukov et al.
● TorScan: Tracing Long-lived Connections and Differential Scanning
Attacks, A. Biryukov et al.
● The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor
Network, R. Jansen et al.
● http://freehaven.net/anonbib/
Почитать