What is botnet topology? - Definition from WhatIs.com
Part of the Network security glossary:

A botnet topology is the network structure by which botnet interconnections are organized.

Botnet topologies may be either centralized around a command and control server (C&C server) or decentralized using peer-to-peer (P2P) communication.

Typical botnet topologies include:

  • Star, in which the bots are organised around a central C&C server.
  • Multi-server, in which there are multiple C&C servers for redundancy in case one is disabled.
  • Hierarchical, in which multiple C&C servers are organized into tiered groups to increase reliability. The hierarchical structure also makes it possible to parcel out groups of bots for rental to different clients, and reduces the number of machines that could be discoverable from the detection of a single group or bot.
  • Random, in which there is no C&C server at all and bots communicate peer-to-peer (P2P botnet), with more advanced botnets using encryption.

As a resiliency measure, some non-random botnets are designed to reorganize as a P2P botnet in the event that a C&C server is taken down.

This was last updated in May 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms

Definitions

  • Chief Risk Officer (CRO)

    - The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological risks across the enterprise. (SearchCompliance.com)

  • long-tail intrusion

    - Long-tail intrusions include advanced persistent threats (APT). However, sometimes intrusions achieved by simpler methods and malware may be used as the starting point of a long-tail intrusion and ... (WhatIs.com)

  • breach detection system (BDS)

    - Breach detection systems (BDS) are a category of applications and security devices designed to detect the activity of malware inside a network after a breach has occurred. Enterprise IT uses BDS t... (WhatIs.com)

Glossaries

  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About botnet topologyPowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.