The simulation of cyber warfare and cyber activities, especially the activities of bot armies (botnets) and their effects upon networks, computers, users, and society, are an important simulation challenge. The importance of improving botnet simulation stems from their potential use in military operations and in other security-oriented simulations. Botnets are malware that can be remotely controlled at all times, uses increasingly sophisticated command and control structure, and can be upgraded at any time by the controller. A bot army is powerful and agile in its technical capabilities and can be extremely large, comprising tens of thousands or millions of computers. Botnets are a threat to all computing and networked systems. To improve our understanding of botnet operation and combat future hostile uses, bot army simulations that can be inserted into military simulation environments are needed.
Developing botnet simulation capabilities requires advances in two areas: improved understanding of bot army technologies and development of standards and models that support the simulation of bot army operations. Additional challenges are posed by integrating bot army simulations into interactive and constructive simulation environments. To date, little work has been reported in the open literature concerning these issues. In the paper, we address these and related issues to highlight the challenges of botnet research and standards development.
In this paper, we discuss the need for botnet simulations, describe a model for botnet operation, and discuss the need and benefits realized by their incorporation into broader simulation environments. Section One presents an introduction to bot armies and malware, the expected benefits, and the motivation for our research and for research on bot armies. Section Two presents background material on bot armies and malware and a discussion of related topics. Section Three presents the characteristics of our botnet model and its uses. Section Four contains the conclusion and suggestions for further research.