Botnet



  • A botnet is a group of bots, connected through the Internet, that can be controlled by a malicious individual or group. A bot computer is typically infected by visiting a website, opening an email attachment, or opening an infected media file.

  • A botnet can have many thousands of bots, or even more. These bots can be activated to distribute malware, launch DDoS attacks, distribute spam email, or execute brute-force password attacks.

  • Botnets are typically controlled through a command and control server. Cybercriminals will often rent out botnets, for a fee, to third parties for malicious purposes.

The Kill Chain in Cyber Defense

  • In cybersecurity, the Kill Chain represents the stages of an information systems attack. Developed by Lockheed Martin as a security framework for incident detection and response, the Cyber Kill Chain comprises the following stages:

    1. Stage 1. Reconnaissance - The attacker gathers information about the target.

    2. Stage 2. Weaponization - The attacker creates an exploit and malicious payload to send to the target.

    3. Stage 3. Delivery - The attacker sends the exploit and malicious payload to the target by email or another method.

    4. Stage 4. Exploitation - The exploit is executed.

    5. Stage 5. Installation - Malware and backdoors are installed on the target.

    6. Stage 6. Command and Control - Remote control of the target is gained through a command and control channel or server.

    7. Stage 7. Action - The attacker performs malicious actions such as information theft, or executes additional attacks on other devices from inside the network by working through the Kill Chain stages again.

  • To defend against the Kill Chain, network security defenses are designed around the stages of the Kill Chain. These are some questions about an organization's security defenses, based on the Cyber Kill Chain:

    1. What are the attack indicators at each stage of the Kill Chain?

    2. Which security tools are needed to detect the attack indicators at each of the stages?

    3. Are there gaps in the organization's ability to detect an attack?

  • According to Lockheed Martin, understanding the stages of the Kill Chain allowed them to put up defensive obstacles, slow down the attack, and ultimately prevent the loss of data.

Behavior-based Security

  • Behavior-based security is a form of threat detection that does not rely on known malicious signatures, but instead uses informational context to detect anomalies in the network.

  • Behavior-based detection involves capturing and analyzing the flow of communication between a user on the local network and a local or remote destination.

  • These communications, when captured and analyzed, reveal context and patterns of behavior which can be used to detect anomalies. Behavior-based detection can discover the presence of an attack by a change from normal behavior.

    1. Honeypots - A honeypot is a behavior-based detection tool that first lures the attacker in by appealing to the attacker's predicted pattern of malicious behavior. Once the attacker is inside the honeypot, the network administrator can capture, log, and analyze the attacker's behavior. This allows an administrator to gain knowledge and build a better defense.

    2. Cyber Threat Defense Solution Architecture - This is a security architecture that uses behavior-based detection and indicators to provide greater visibility, context, and control. The goal is to know who, what, where, when, and how an attack is taking place.

  • This security architecture uses multiple security technologies to achieve this goal.
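The behavior-based detection described above, sketched as an added example that is not part of the original page: a per-client baseline is learned from earlier flows, and later flows are flagged when they change from that normal behavior. The flow records, addresses, thresholds, and function names are all constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flows: (client, destination, bytes sent). Not real traffic.
BASELINE = [
    ("10.0.0.5", "10.0.0.20", 1200), ("10.0.0.5", "10.0.0.20", 1350),
    ("10.0.0.5", "10.0.0.20", 1100), ("10.0.0.5", "192.0.2.10", 900),
    ("10.0.0.5", "192.0.2.10", 1000), ("10.0.0.7", "10.0.0.20", 400),
    ("10.0.0.7", "10.0.0.20", 450), ("10.0.0.7", "10.0.0.20", 500),
]
OBSERVED = [
    ("10.0.0.5", "10.0.0.20", 1250),       # matches the learned behavior
    ("10.0.0.5", "198.51.100.77", 1000),   # destination never seen for this client
    ("10.0.0.7", "10.0.0.20", 90000),      # volume far above this client's baseline
    ("10.0.0.9", "10.0.0.20", 300),        # client with no learned baseline
]

def build_baseline(flows):
    """Learn, per client, the destinations contacted and the byte-count profile."""
    dests, sizes = defaultdict(set), defaultdict(list)
    for client, dest, nbytes in flows:
        dests[client].add(dest)
        sizes[client].append(nbytes)
    return {c: {"dests": dests[c], "mean": mean(sizes[c]),
                "std": pstdev(sizes[c])} for c in dests}

def detect(baseline, flows, z_limit=3.0, min_std=50.0):
    """Return (flow, reasons) for flows that deviate from the learned behavior."""
    alerts = []
    for flow in flows:
        client, dest, nbytes = flow
        profile = baseline.get(client)
        if profile is None:
            alerts.append((flow, ["no-baseline"]))
            continue
        reasons = []
        if dest not in profile["dests"]:
            reasons.append("new-destination")
        # Floor the deviation so a very steady client does not alert on noise.
        z = (nbytes - profile["mean"]) / max(profile["std"], min_std)
        if abs(z) > z_limit:
            reasons.append("volume-anomaly")
        if reasons:
            alerts.append((flow, reasons))
    return alerts

if __name__ == "__main__":
    for flow, reasons in detect(build_baseline(BASELINE), OBSERVED):
        print(flow, reasons)
```

No signature of a known threat is consulted at any point; every alert comes from comparing a flow with what the same client did before.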