diff --git a/.gitignore b/.gitignore index 1b1af78c..f422262d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,15 +1,18 @@ _minted-paper/ +*.acr *.aux *.bbl *.bcf *.blg *.fdb_latexmk *.fls +*.lof *.log *.out *.pdf *.run.xml +*.toc result -#!cv.pdf +!report.pdf diff --git a/Makefile b/Makefile index 31b1b5db..cf33ca34 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # use bash so process substutution is available SHELL = bash -SRC = main.tex +SRC = report.tex TARGET = $(SRC:%.tex=%.pdf) .PHONY: build diff --git a/abstract.tex b/abstract.tex new file mode 100644 index 00000000..9b793610 --- /dev/null +++ b/abstract.tex @@ -0,0 +1,5 @@ +\begin{abstract} +Foo Bar baz lel +\end{abstract} + +% vim: set filetype=tex ts=2 sw=2 tw=0 et : diff --git a/acronyms.tex b/acronyms.tex index 18a3370e..ed861627 100644 --- a/acronyms.tex +++ b/acronyms.tex @@ -2,3 +2,35 @@ short = HTML, long = hyper text markup language } + +\DeclareAcronym{p2p}{ + short = {{P2P}}, + long = {{peer-to-peer}} +} + +\DeclareAcronym{c2}{ + short = {{C2 server}}, + long = {{command and control server}} +} + +\DeclareAcronym{irc}{ + short = {{IRC}}, + long = {{internet relay chat}} +} + +\DeclareAcronym{http}{ + short = {{HTTP}}, + long = {{hypertext transfer protocol}} +} + +\DeclareAcronym{ddos}{ + short = {{DDoS}}, + long = {{distributed denial of service}} +} + +\DeclareAcronym{dga}{ + short = {{DGA}}, + long = {{domain generation algorithm}} +} + +% vim: set filetype=tex ts=2 sw=2 tw=0 et : diff --git a/appendix.tex b/appendix.tex new file mode 100644 index 00000000..a054ce9a --- /dev/null +++ b/appendix.tex @@ -0,0 +1,20 @@ +\appendix + +% TODO: add to table of contents? +\printbibliography + +\clearpage + +% TODO: add to table of contents? +\listoffigures + +\clearpage + +% TODO: add to table of contents? +\printacronyms + +\clearpage + +\makedeclaration + +% vim: set filetype=tex ts=2 sw=2 tw=0 et : diff --git a/bibliography.bib b/bibliography.bib new file mode 100644 index 00000000..080c5b63 
--- /dev/null
+++ b/bibliography.bib
@@ -0,0 +1,9 @@
+@article{bib:persistentstruct,
+ author = {James R Driscoll and Neil Sarnak and Daniel D. Sleator and Robert E. Tarjan},
+ title = {Making Data Structures Persistent},
+ journal = {Journal of Computer and System Sciences},
+ year = {1989},
+ month = {02},
+ volume = {Vol. 38, No. 1},
+ pages = {86-124}
+}
diff --git a/commands.tex b/commands.tex
new file mode 100644
index 00000000..30fb30e3
--- /dev/null
+++ b/commands.tex
@@ -0,0 +1 @@
+\newcommand{\eg}{\textit{e}.\textit{g}.}
diff --git a/content.tex b/content.tex
new file mode 100644
index 00000000..8b09ce17
--- /dev/null
+++ b/content.tex
@@ -0,0 +1,58 @@
+
+% \section{Testeroo ma man}
+
+% \OfficialLogoNormal
+
+% \logoNormal
+
+% \textcolor{Accent}{foo lol fakultätsfarben}
+
+% jo moin~\cite[121]{bib:persistentstruct}
+
+% \Ac{html}
+
+% \ac{html}
+
+% \enquote{look ma, imma quote}~\ref{fig:some_figure}
+
+% \begin{figure}[h]
+% \OfficialLogoNormal
+% \caption{OTH Logo}
+% \label{fig:some_figure}
+% \end{figure}
+
+% asdft~\footfullcite[pre][post]{bib:persistentstruct}
+
+
+% \textsc{Small Caps test Abschnitt}
+
+% \subsection{Sub 1}
+
+% \subsection{Sub 2}
+
+% \subsubsection{Subsub 1}
+
+% ich bin ein text mit fußnote\footnote{lol ich bin eine fußnote}
+
+
+\section{Introduction}
+
+
+% TODO: what is a bot? Infected systems. Malware. DGA, beispiele, tree vs graph
+
+A botnet describes a network of connected computers with some way to control the infected systems.
+In classic botnets, there are one or more central coordinating hosts called \acp{c2}.
+These \acp{c2} could use anything from \ac{irc} over \ac{http} to Twitter to communicate with the infected systems.
+The infected systems can be abused for a number of things, \eg{} \ac{ddos} attacks, stealing data from victims, as proxies to hide the attackers identity, send spam emails \dots{}
+
+Analyzing and shutting down a centralized botnet is comparatively easily since every bot knows the IP address, domain name, Twitter handle, \ac{irc} channel \dots{} the \acp{c2} are using.
+% TODO: wort für polizei
+A targeted operation with help from TODO, hosting providers, domain registrars and platform providers could shut down or take over the operation by changing how requests are rooted or simply shutting down the controlling servers/accounts.
+
+% TODO: too informal?
+A number of botnet operations were shut down like this and as the defenders upped their game, so did attackers --- the idea of \ac{p2p} botnets came up.
+The idea is to build a decentralized network without single points of failure where the \acp{c2} are.
+In a \ac{p2p} botnet, each node in the network knows a number of it's neighbours and connects to those, each of these neighbours has a list of neighbours on his own, and so on.
+
+
+% vim: set filetype=tex ts=2 sw=2 tw=0 et spell :
diff --git a/metadata.tex b/metadata.tex
new file mode 100644
index 00000000..0102b01b
--- /dev/null
+++ b/metadata.tex
@@ -0,0 +1,20 @@
+\title{Organized Crawling of P2P Botnets}
+
+\author{Valentin Brandl}
+
+\documenttype{Masterthesis}
+
+\studentid{3220018}
+\department{Informatik und Mathematik}
+\studyprogramme{Master Informatik}
+%\startingdate{1.\,November 2088}
+%\closingdate{11.\,Dezember 2089}
+
+\firstadvisor{Prof. Dr. Christoph Skornia}
+%\secondadvisor{Prof. Dr. Petra Hart}
+%\externaladvisor{Dr. Klara Endlos}
+
+\date{\today}
+% \date{}
+
+% vim: set filetype=tex ts=2 sw=2 tw=0 et :
diff --git a/report.pdf b/report.pdf
new file mode 100644
index 00000000..7e645152
Binary files /dev/null and b/report.pdf differ
diff --git a/report.tex b/report.tex
index 321eff04..9c7b7336 100644
--- a/report.tex
+++ b/report.tex
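Review bot: In the new content.tex introduction, the sentence `A targeted operation with help from TODO, hosting providers, …` keeps its placeholder in running text rather than in a comment, so the literal word TODO is typeset in the PDF. Keep the marker only in the `% TODO: wort für polizei` comment above it and write the intended term (presumably "law enforcement") in the sentence. In the same paragraph `rooted` should read `routed`, and the last sentence has `it's neighbours` where `its neighbours` is meant. The statement that every bot knows the address the C2 servers are using leaves out the DGA case, although `dga` is declared in acronyms.tex and named in the section's opening TODO; a half-sentence noting that such bots derive rendezvous domains instead of storing them would keep the takedown argument accurate.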
@@ -7,52 +7,73 @@ \WarningFilter{latexfont}{Font} \WarningFilter{latexfont}{Some font shapes} -\documentclass[11pt]{diazessay} +% \documentclass[11pt]{diazessay} +\documentclass[a4paper, +DIV=13, +12pt, +BCOR=10mm, +department=FakIM, +% lucida, +% KeepRoman, +oneside, +parskip=half, +automark, +headsepline, +% footsepline, +]{OTHRartcl} -% document language -% \usepackage[ngerman]{babel} +% document language and hyphenation +\usepackage[english]{babel} % UTF-8 encoding \usepackage[utf8]{inputenc} \usepackage[T1]{fontenc} \usepackage{lmodern} +% acronyms +\usepackage{acro} +\include{acronyms} + % language specific quotes \usepackage{csquotes} -\usepackage{needspace} +% bibliography +\usepackage[backend=biber]{biblatex} +\addbibresource{bibliography.bib} + +% OTH specific commands for logos, colors +\usepackage{OTHR} + +% line spacing +\usepackage[onehalfspacing]{setspace} + +% hyperlinks +\usepackage[pdftex,colorlinks=false]{hyperref} % make overfull hbox warnings prominently visible in document \overfullrule=2cm -% \usepackage[scale=0.75]{geometry} +\pagestyle{headings} - -\title{\textbf{Main Title} \\ {\Large\itshape Subtitle}} - -\author{Valentin Brandl} - -% \date{\today} -\date{} +% metadata like title, author, supervisor, ... +\include{metadata} +% custom commands +\include{commands} \begin{document} \maketitle -\begin{abstract} -Foo Bar baz lel -\end{abstract} +\include{abstract} -\hspace*{3.6mm}\textit{Keywords:} foo, bar, baz, trololol +\tableofcontents -\vspace{30pt} +\include{content} -\section*{Once upon a time} - - - -\section*{Once upon a time} +\cleardoublepage +\include{appendix} \end{document} + % vim: set filetype=tex ts=2 sw=2 tw=0 et : diff --git a/shell.nix b/shell.nix index 5cb96be8..a6d36fe0 100644 --- a/shell.nix +++ b/shell.nix 
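Review bot: `\include{acronyms}`, `\include{metadata}` and `\include{commands}` are placed in the preamble, before `\begin{document}`. `\include` is meant for body chapters, since it issues a `\clearpage` and writes a per-file `.aux`, so preamble files are normally pulled in with `\input{acronyms}`, `\input{metadata}` and `\input{commands}`. The same applies to `\include{abstract}` if the abstract is not meant to start on a page of its own. Separately, `hyperref` is loaded with a hard-coded `pdftex` driver while the shell.nix part of this commit adds `fontspec`; if the build moves to XeLaTeX or LuaLaTeX (not visible from this hunk), dropping that option lets hyperref detect the engine itself.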
@@ -9,15 +9,21 @@ let # base packages scheme-small + acro + anyfontsize + biblatex csquotes + dejavu latexmk - moderncv - needspace - fontawesome + # moderncv + # needspace + # fontawesome + fontspec silence - wrapfig - enumitem - mathpazo + translations + # wrapfig + # enumitem + # mathpazo ; }; @@ -27,6 +33,7 @@ pkgs.mkShell { buildInputs = [ latexPackage + pkgs.biber # language correction pkgs.languagetool # detex script