It can be extremely challenging to attempt to explain technical concepts to non-technical people. There are two goals for this presentation. The first is to be able to educate non-technical users
as to what bots and botnets are, and what they are capable of. The second goal of this presentation is to share a method of teaching a technical subject in a manner that relatively non-technical people can understand.
UNDERSTANDING AND TEACHING BOTS AND BOTNETS ABRAMS
UNDERSTANDING AND TEACHING non-technical people can understand. This presentation is not intended to teach anyone how to analyse bots or combat botnets.BOTS AND BOTNETSRandy Abrams BASIC CONCEPTSESET Research, 610 West Ash Street, Suite 1900, Before one can begin to grasp the power of a bot or a botnet, one San Diego, CA 92101, USA must understand that virtually any activity that can be performed on a computer can be automated. One must also understand Email abrams@eset.com some of the basic concepts of the functions of the programs that they use every day. Let's start with a few of these basic concepts.When we use an email program the software captures each ABSTRACT keystroke that we type on the keyboard. The letters and numbers Bots and botnets suck, so what better teaching aid to help people are then placed into the email message. Word processors also understand them than a vacuum cleaner? capture the keystrokes we type and store them in a document. When one logs into an account, such as MySpace, Facebook, The second in the 'Understanding and teaching...' series, this MSN, or AOL, etc. the keys that are pressed on the keyboard are presentation is designed to both educate those who are not captured and stored by another computer. The fundamental familiar with the topic or have misconceptions, and at the same concept is that many programs record each keystroke that is time to present effective methods to take a technical topic and typed on the keyboard. There is a type of malicious program present it in a user-friendly manner that those who are not ? uent called a keystroke logger. This program is invisible to the user, in geek-speak can understand. but if a computer has one running on it, then every keystroke can Where the Catahoula Leopard Dog was used (along with other be saved or if the computer is online, the keystrokes can be sent canines) in 'Understanding and teaching heuristics', this to another computer as well. If a keystroke logger is installed on presentation will use iRobot Roombas to help explain what a bot the computer and the computer is not online, the information can is and what botnets are. Command and control your Rumbas be stored and then sent later when the computer is back on the from the comfort of your of? ce, or let them create their own Internet. A program can be running and doing things, yet still be peer-to-peer network to perform attacks on unwitting invisible to you. If you look at Windows Task Manager, the domesticated animals. processes you see running are all programs, but most of them Once users understand what can be done by bots and botnets, you do not actually see running.and the real risks presented by the malware on their computer, When one ? nishes composing an email, one can then send it to they will be more likely to become interested in safe computing one or more people. The simple concept is that a computer can practices. be used to send email. There are many programs that can be used Just as students drop out of universities, it is not expected that to send email. Outlook, Outlook Express and Lotus Notes are a everyone will learn from the opportunity to be educated. few examples. Any skilled computer user can also write a However, when information is presented in an interesting, program that sends email. It can also be invisible and the emails relevant and entertaining manner, the desire to learn and be more can be composed automatically to say whatever the programmer secure can be fostered in many users. wants them to say. The emails can then be sent to people in an address book, or a list of email addresses can be downloaded INTRODUCTION from the Internet and then be used to send email to.In a recent survey by the National Cybersecurity Alliance it was When we use Internet Explorer, Firefox, Safari, or another reported that 71 per cent of users have never heard the word program to surf the web, we send data to other computers. If I go 'botnet' before. The harm done by bots and botnets is such that to www.google.com, my computer sends a request to Google's the public does need to have a basic understanding of what these computer to show me their web page. Each computer can handle threats are and what bots and botnets are capable of. As people a ? nite amount of data, or requests for their web pages. There are become aware of risks they generally become more interested in also oth... [download for more]
