A botnet-based command and control approach relying on swarm intelligence

Survivability and scalability are the main emerging challenges in command and control of ubiquitous networked entities operating in untrusted communication scenarios, due to the increasing sophistication of the detection and mitigation/defeating techniques together with the increasing number of elements to be controlled and their distribution over multiple heterogeneous communication infrastructures. Accordingly, this work focuses on a new more robust and scalable botnet-based command and control architecture, aiming at wiping off any rigid master-slave relationship and autonomizing the bot operating roles, with signi.cant agility gains in the whole overlay communication infrastructure. It relies on swarm intelligence and in particular on stigmergic communication, ensuring spontaneous, implicit coordination and collaboration among the independent bot agents. The resulting architecture presents improved fault tolerance and dynamic adaptation to varying network conditions, by propagating control messages to any bot node through multiple short-range hops structured according to a dynamically built Degree Constrained Minimum Spanning Tree, whose distributed calculation is inspired to ant colony's foraging behavior. For this reason, it may constitute the basis for an evolutionary malware-based control and management scheme that can be used in several homeland security/defense scenarios where the botnet technology may be used as a support tool in strategic military or intelligence operations. © 2013 Elsevier Ltd. All rights reserved.