Projects

Botnets as the greatest threat on the Internet

Botnets are considered to be one of the biggest threats on the Internet today. Bots are illegally hijacked, remotely controlled computers with which basically any function can be executed in the background. A network of such bots, a botnet, can be misused by attackers for a variety of malicious functions on the Internet. Among the most common threats to botnets are:

Logo: Botnetze
  • Spam campaigns
  • Distributed denial of service attacks
  • Identity Theft and other data theft (bank/credit card data, user accounts)
  • Infection of other computers with malware

The potential for attack created by the combination of several bots into a botnet is immense. Although it is difficult to precisely quantify the size of botnets, estimation is possible. In the past, botnets with up to six-digit numbers of bots from all over the world could be observed. However
in principle: the more bots are part of a botnet, the easier it is for security experts to detect this botnet. Therefore, there is currently a trend towards many smaller botnets. However, since these can in principle be controlled centrally, the potential danger is not reduced.

Research of botnets

In a two-year research project, we analyze the functioning of botnets, with special attention to the structure of C&C control channels. This information can then be used to detect bot infections as early as possible. Our research is especially aimed at the detection in high-speed networks, for example at Internet Service Providers or Internet Exchange Points, such as our project partner DE-CIX. On the subpages of the research project Botnets we present further details of our research activities.

Cloud Computing

Cloud computing will be an important part of IT and the Internet in our modern society. The aspects of IT security and trustworthiness will determine how quickly and how deeply cloud services will penetrate the IT market in Germany.

With cloud services, data is generated, stored, processed and deleted within an external IT infrastructure. In principle, the price-efficiency of a high security level of the underlying IT infrastructure increases. Nevertheless, cloud services pose new challenges to IT security and the trustworthiness of providers.

Logo: Internet Kennzahlen System

The security advantages of larger cloud service providers lie in the areas of availability, reliability, elasticity, tolerance and business continuity. In addition, physical security of the IT infrastructure can be implemented more easily and more cost-effectively with large coil providers. A uniform hardening of IT systems as well as an optimal implementation of patch management, for example, can also be implemented securely and sustainably from a central location.

Further innovations in cloud computing will be added, but users will still not be able to transfer the responsibility for their own data and IT security to the providers. Users should choose cloud service providers carefully and negotiate contracts that reflect our IT security and trustworthiness needs. All in all, there is still a very large need for action, which we must meet in the coming years with the appropriate IT security, data protection and trustworthiness measures.