BlockRAT: An Enhanced Remote Access Trojan Framework via Blockchain

Yanze Kang, Xiaobo Yu, Weizhi Meng, Yining Liu*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

Remote Access Trojan (RAT) is a type of malicious software, aiming to infect victims’ computers through targeted attacks. Most existing RATs require a hacker to purchase a server, a domain name and many network resources to construct the infrastructure with a Command and Control (C2) channel. However, hackers’ information may be leaked or become traceable during the purchase of C2 channels and network resources. In this work, we propose BlockRAT, a blockchain-based RAT framework that can hide the hacker’s personal information with untraceability and low cost. We also introduce a method to help assess the suitability of blockchain types. In the evaluation, we take Network Infrastructure for Decentralized Internet (NKN) as a case study, and compare our BlockRAT with existing studies. The results indicate that BlockRAT can achieve upstream and downstream anonymity, low cost, and good extensibility.

Original languageEnglish
Title of host publicationProceedings of Science of Cyber Security : 4th International Conference, SciSec 2022, Revised Selected Papers
Volume13580
PublisherSpringer
Publication date2022
Pages21-35
ISBN (Print)978-3-031-17550-3
ISBN (Electronic)978-3-031-17551-0
DOIs
Publication statusPublished - 2022
Event4th International Conference on Science of Cyber Security: SciSec 2022 - Matsue, Japan
Duration: 10 Aug 202212 Aug 2022

Conference

Conference4th International Conference on Science of Cyber Security
Country/TerritoryJapan
CityMatsue
Period10/08/202212/08/2022

Keywords

  • Blockchain technology
  • Command and control
  • Network attack
  • NKN
  • Remote access trojan

Fingerprint

Dive into the research topics of 'BlockRAT: An Enhanced Remote Access Trojan Framework via Blockchain'. Together they form a unique fingerprint.

Cite this