Analysis Of Peer-To-Peer Botnet Attacks And Defenses

Abstract

A “botnet” is a network of computers that are compromised and controlled by an attacker (botmaster). Botnets are one of the most serious threats to today’s Internet. Most current botnets have a centralized command and control (C&C) architecture. However, peer-to-peer (P2P) structured botnets have gradually emerged as a new advanced form of botnets. Due to the distributed nature of P2P networks, P2P botnets are more resilient to defense countermeasures. In this chapter, first we systematically study P2P botnets along multiple dimensions: bot candidate selection, network construction, C&C communication mechanisms/protocols, and mitigation approaches. Then we provide mathematical analysis of two P2P botnet elimination approaches—index poisoning defense and Sybil defense, and one P2P botnet monitoring technique—passive monitoring based on infiltrated honeypots or captured bots. Simulation experiments show that our mathematical analysis is accurate.

Publication Date

1-1-2015

Publication Title

Intelligent Systems Reference Library

Volume

85

Number of Pages

183-214

Document Type

Article

Personal Identifier

scopus

DOI Link

https://doi.org/10.1007/978-3-319-15916-4_8

Scopus ID

84925341207 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84925341207

This document is currently not available here.
