Advanced Information Hiding Techniques for Modern Botnets

The chapter discusses the most recent and sophisticated form of steganography and information hiding that can be used to empower botnets. Specifically, it investigates techniques proposed by the academic literature and observed in the wild in real malware. Since steganography and information hiding can be also used to avoid the detection of the software implementing the botnet, to implement some anti-forensics techniques, or to exploit local communications to bypass the sandboxes deployed within a host, the chapter will also review and classify the most promising mechanisms that could be used to engineer sophisticated, future botnets. With such a background, the chapter will also introduce possible detection techniques as well as network architectures properly suited to counteract risks arising from botnets.