Title

A Systematic Study On Peer-To-Peer Botnets

Abstract

A "botnet" is a network of computers that are compromised and controlled by an attacker. Botnets are one of the most serious threats to today's Internet. Most current botnets have a centralized command and control (C&C) architecture. However, peer-to-peer (P2P) structured botnets have gradually emerged as a new, advanced form of botnet. Without central C&C servers, P2P botnets are more resilient to defenses and countermeasures than traditional centralized botnets. In this paper, we systematically study P2P botnets along multiple dimensions: bot candidate selection, network construction, C&C mechanisms and communication protocols, and mitigation approaches. We carefully study two defense approaches: index poisoning and the Sybil attack. Based on the common idea they share, we are able to give analytical results to evaluate their performance. We also propose possible counter-techniques that attackers might develop against the index poisoning and Sybil attack defenses. In addition, we obtain one interesting finding: compared to traditional centralized botnets, by using the index poisoning technique, it is easier to shut down or at least effectively mitigate P2P botnets that adopt existing P2P protocols and rely on a file index to disseminate commands. © 2009 IEEE.

Publication Date

11-12-2009

Publication Title

Proceedings - International Conference on Computer Communications and Networks, ICCCN

Number of Pages

-

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/ICCCN.2009.5235360

Scopus ID

70449085275 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/70449085275
