Böck, Leon ; Shankar, Karuppayah ; Mühlhäuser, Max ; Emmanouil, Vasilomanolakis (2020)
An Overview of the Botnet Simulation Framework.
In: The Journal on Cybercrime & Digital Investigations, 6 (1)
doi: 10.18464/cybin.v6i1.25
Article, Bibliography
Abstract
Conducting research on botnets is oftentimes limited to the analysis of active botnets. This prevents researchers from testing detection and tracking mechanisms on potential future threats. Specifically, in the domain of P2P botnets, the protocol specifics, network churn and anti-tracking mechanisms greatly impact the success or failure of monitoring operations.
Moreover, experiments on real-world botnets commonly lack ground truth to verify the findings. As developing and deploying botnets of sufficient size is accompanied by large costs and administration efforts, this paper attempts to address this issue by introducing a simulation framework for P2P botnets called Botnet Simulation Framework (BSF). BSF can simulate monitoring operations in botnets of more than 20.000 bots to evaluate tracking mechanisms or simulate takedown efforts. Moreover, communication traces can be exported to inject traffic into arbitrary PCAP files for training and evaluation of intrusion detection systems.
Item type: | Article |
---|---|
Published: | 2020 |
Author(s): | Böck, Leon ; Shankar, Karuppayah ; Mühlhäuser, Max ; Emmanouil, Vasilomanolakis |
Type of entry: | Bibliography |
Title: | An Overview of the Botnet Simulation Framework |
Language: | English |
Year of publication: | 6 December 2020 |
Publisher: | Centre Expert contre la Cybercriminalité Français |
Title of journal, newspaper or series: | The Journal on Cybercrime & Digital Investigations |
Journal volume: | 6 |
Issue number: | 1 |
DOI: | 10.18464/cybin.v6i1.25 |
URL / URN: | https://journal.cecyf.fr/ojs/index.php/cybin/article/view/25 |
Division(s)/field(s): | 20 Department of Computer Science; 20 Department of Computer Science > Telecooperation; Profile Areas; Profile Areas > Cybersecurity (CYSEC) |
Date deposited: | 23 Sep 2021 07:14 |
Last modified: | 23 Sep 2021 07:14 |