An Advanced Hybrid Peer-to-Peer Botnet

    Authors

    P. Wang; S. Sparks;C. C. Zou

    Comments

    Authors: contact us about adding a copy of your work at STARS@ucf.edu

    Abbreviated Journal Title

    IEEE Trans. Dependable Secur. Comput.

    Keywords

    Botnet; peer-to-peer; robustness; honeypot; Computer Science, Hardware & Architecture; Computer Science, Information; Systems; Computer Science, Software Engineering

    Abstract

    A "botnet" consists of a network of compromised computers controlled by an attacker ("botmaster"). Recently, botnets have become the root cause of many Internet attacks. To be well prepared for future attacks, it is not enough to study how to detect and defend against the botnets that have appeared in the past. More importantly, we should study advanced botnet designs that could be developed by botmasters in the near future. In this paper, we present the design of an advanced hybrid peer-to-peer botnet. Compared with current botnets, the proposed botnet is harder to be shut down, monitored, and hijacked. It provides robust network connectivity, individualized encryption and control traffic dispersion, limited botnet exposure by each bot, and easy monitoring and recovery by its botmaster. In the end, we suggest and analyze several possible defenses against this advanced botnet.

    Journal Title

    Ieee Transactions on Dependable and Secure Computing

    Volume

    7

    Issue/Number

    2

    Publication Date

    1-1-2010

    Document Type

    Article

    Language

    English

    First Page

    113

    Last Page

    127

    WOS Identifier

    WOS:000277888200001

    ISSN

    1545-5971

    Share

    COinS