Razlike

Slijede razlike između dviju inačica stranice.

--- racfor_wiki:seminari2024:projekt_ddosia [2025/01/25 09:37]
Orsag Mihael [Conclusion]
+++ racfor_wiki:seminari2024:projekt_ddosia [2025/01/27 06:36] (trenutno)
Orsag Mihael [Project DDoSia]
@@ Redak 1: / Redak 1: @@
 ====== Project DDoSia ======
+[[https://ferhr-my.sharepoint.com/:v:/g/personal/mo760600010_fer_hr/EYGanvcES4BKuytKDp2SOEEBqEPYYqB1yR50wTaHvARXBA?nav=eyJyZWZlcnJhbEluZm8iOnsicmVmZXJyYWxBcHAiOiJTdHJlYW1XZWJBcHAiLCJyZWZlcnJhbFZpZXciOiJTaGFyZURpYWxvZy1MaW5rIiwicmVmZXJyYWxBcHBQbGF0Zm9ybSI6IldlYiIsInJlZmVycmFsTW9kZSI6InZpZXcifX0%3D&e=J9dvBi|Video presentation]]
 ===== Abstract =====
@@ Redak 32: / Redak 33: @@
 malicious actors to do this job instead, for a certain amount of money. Project
 DDoSia is a bot software that takes an interesting, different approach to
 expanding its botnet by making the joining to the botnet entirely voluntary.
+{{:racfor_wiki:seminari2024:botnet.png?400| Network structure of a botnet [6]}}
+Figure 1: Network structure of a botnet [6]
 ===== Early versions =====
@@ Redak 54: / Redak 59: @@
 macOS and Windows.
-{{https://decoded.avast.io/wp-content/uploads/sites/2/2023/01/07.dosia-reward.png?685
+{{:racfor_wiki:seminari2024:reward-messages.png?685|Messages in the Project DDoSia Telegram group regarding rewards}}
-|Messages in the Project DDoSia Telegram group regarding rewards}}
-Figure 1: Messages in the Project DDoSia Telegram channel regarding rewards [1]
+Figure 2: Messages in the Project DDoSia Telegram channel regarding rewards [1]
 == Linux and macOS ==
@@ Redak 128: / Redak 132: @@
 server, authentication is required.
-{{https://decoded.avast.io/wp-content/uploads/sites/2/2023/04/C2-communication-workflow-1.png|Communication flow between a bot and the C&C server.[2]}}
+{{:racfor_wiki:seminari2024:C2-communication-workflow.png?|Communication flow between a bot and the C&C server.[2]}}
-Figure 2: Communication flow between a bot and the C&C server [2]
+Figure 3: Communication flow between a bot and the C&C server [2]
 Additionally, the .json file describing attack targets is now encrypted with
@@ Redak 137: / Redak 141: @@
 better protect it by keeping its IP address secret.
-{{https://decoded.avast.io/wp-content/uploads/sites/2/2023/04/C2-Architecture.png
+{{:racfor_wiki:seminari2024:C2-Architecture.png?
 |C&C server architecture of the newer version of Project DDoSia botnet.[2]}}
-Figure 3: C&C server architecture of the newer version of Project DDoSia botnet [2]
+Figure 4: C&C server architecture of the newer version of Project DDoSia botnet [2]
 In April 2023 the number of users in the Project DDoSia telegram group rose to
@@ Redak 152: / Redak 156: @@
 With its growing capabilities and resources, the Project DDoSia botnet has
 expanded the list of targets, adding and heavily targeting Finland and Italy
-along Ukraine. The most prevalent targets are govorment organizations, followed
+along Ukraine. The most prevalent targets are government organizations, followed
 by banking and transportation organizations.
-{{https://t7f4e9n3.delivery.rocketcdn.me/wp-content/uploads/2024/02/FLINT-2024-_-Top-countries-targeted-in-2024.png?685
+{{:racfor_wiki:seminari2024:ddosia-map.png?685
 |A map of targeted countries by the Project DDoSia botnet in 2024.[5]}}
-Figure 4: A map of targeted countries by the Project DDoSia botnet in 2024 [5]
+Figure 5: A map of targeted countries by the Project DDoSia botnet in 2024 [5]
 ===== Conclusion =====
@@ Redak 175: / Redak 179: @@
 ==== Literature ====
-[1] [[https://decoded.avast.io/martinchlumecky/ddosia-project/ |Martin Chlumecký, DDosia Project: Volunteers Carrying out NoName(057)16’s DirtyWork]]. Accessed: 17.1.2025.
+[1] [[https://decoded.avast.io/martinchlumecky/ddosia-project/ |Martin Chlumecký: "DDosia Project: Volunteers Carrying out NoName(057)16’s DirtyWork"]]. Accessed: 17.1.2025.
+[2] [[https://decoded.avast.io/martinchlumecky/ddosia-project-how-noname05716-is-trying-to-improve-the-efficiency-of-ddos-attacks/ |Martin Chlumecký: "DDosia Project: How NoName057(16) is trying to improve the efficiency of DDoS attacks"]]. Accessed: 17.1.2025.
-[2] [[https://decoded.avast.io/martinchlumecky/ddosia-project-how-noname05716-is-trying-to-improve-the-efficiency-of-ddos-attacks/ |Martin Chlumecký, DDosia Project: How NoName057(16) is trying to improve the efficiency of DDoS attacks]]. Accessed: 17.1.2025.
+[3] [[https://socradar.io/what-is-ddosia-project/ |SOCRadar: "What is DDoSia Project?"]]. Accessed: 17.1.2025.
-[3] [[https://socradar.io/what-is-ddosia-project/ |SOCRadar, What is DDoSia Project?]]. Accessed: 17.1.2025.
+[4] [[https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/ |Amaury G., Charles M. and Sekoia TDR: "Following NoName057(16) DDoSia Project’s Targets"]]. Accessed: 17.1.2025.
-[4] [[https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/ |Amaury G., Charles M. and Sekoia TDR, Following NoName057(16) DDoSia Project’s Targets]]. Accessed: 17.1.2025.
+[5] [[https://blog.sekoia.io/Noname05716-Ddosia-project-2024-updates-and-behavioural-shifts/ |Sekoia TDR, Amaury G. and Maxime A.: "NoName057(16)’s DDoSia project: 2024 updates and behavioural shifts"]]. Accessed: 17.1.2025.
-[5] [[https://blog.sekoia.io/Noname05716-Ddosia-project-2024-updates-and-behavioural-shifts/ |Sekoia TDR, Amaury G. and Maxime A., NoName057(16)’s DDoSia project: 2024 updates and behavioural shifts]]. Accessed: 17.1.2025.
+[6] Mahmoud, Muhammad, Manjinder Nir, and Ashraf Matrawy. "A survey on botnet architectures, detection and defences." Int. J. Netw. Secur. 17.3 (2015): 264-281.

racfor_wiki/seminari2024/projekt_ddosia.1737797836.txt.gz · Zadnja izmjena: 2025/01/25 09:37 od Orsag Mihael