Abstract
Remote Access Trojan (RAT) is a type of malicious software, aiming to infect victims’ computers through targeted attacks. Most existing RATs require a hacker to purchase a server, a domain name and many network resources to construct the infrastructure with a Command and Control (C2) channel. However, hackers’ information may be leaked or become traceable during the purchase of C2 channels and network resources. In this work, we propose BlockRAT, a blockchain-based RAT framework that can hide the hacker’s personal information with untraceability and low cost. We also introduce a method to help assess the suitability of blockchain types. In the evaluation, we take Network Infrastructure for Decentralized Internet (NKN) as a case study, and compare our BlockRAT with existing studies. The results indicate that BlockRAT can achieve upstream and downstream anonymity, low cost, and good extensibility.
Original language | English |
---|---|
Title of host publication | Proceedings of Science of Cyber Security : 4th International Conference, SciSec 2022, Revised Selected Papers |
Volume | 13580 |
Publisher | Springer |
Publication date | 2022 |
Pages | 21-35 |
ISBN (Print) | 978-3-031-17550-3 |
ISBN (Electronic) | 978-3-031-17551-0 |
DOIs | |
Publication status | Published - 2022 |
Event | 4th International Conference on Science of Cyber Security: SciSec 2022 - Matsue, Japan Duration: 10 Aug 2022 → 12 Aug 2022 |
Conference
Conference | 4th International Conference on Science of Cyber Security |
---|---|
Country/Territory | Japan |
City | Matsue |
Period | 10/08/2022 → 12/08/2022 |
Keywords
- Blockchain technology
- Command and control
- Network attack
- NKN
- Remote access trojan