Analysis of Peer-to-Peer Botnet Attacks and Defenses

Authors: Ping Wang, Lei Wu, Baber Aslam, Cliff C. Zou

DOI: 10.1007/978-3-319-15916-4_8

Keywords:

Abstract: A "botnet" is a network of computers that have been compromised and are controlled by an attacker (the botmaster). Botnets are one of the most serious threats to today's Internet. Most current botnets have a centralized command and control (C&C) architecture. However, peer-to-peer (P2P) structured botnets have gradually emerged as a new and more advanced form of botnet. Because of the distributed nature of P2P networks, P2P botnets are more resilient to defense countermeasures. In this chapter, we first systematically study P2P botnets along multiple dimensions: bot candidate selection, botnet construction, C&C communication mechanisms and protocols, and mitigation approaches. We then provide a mathematical analysis of two botnet elimination approaches, index poisoning and Sybil defense, and of one monitoring technique, passive monitoring based on infiltrated honeypots or captured bots. Simulation experiments show that our mathematical analysis is accurate.
