Karuppayah, Shankar ; Fischer, Mathias ; Rossow, Christian ; Mühlhäuser, Max (2014)
On Advanced Monitoring in Resilient and Unstructured P2P Botnets.
International Conference on Communications (ICC) - Communications and Information Systems Security Symposium (CISS).
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Botnets are a serious threat to Internet-based services and end users. The recent paradigm shift from centralized to more sophisticated Peer-to-Peer (P2P)-based botnets introduces new challenges for security researchers. Centralized botnets can be easily monitored, and once their command and control server is identified, easily be taken down. However, P2P-based botnets are much more resilient against such attempts. To make it worse, botnets like P2P Zeus include additional countermeasures to make monitoring and crawling more difficult for the defenders. In this paper, we discuss in detail the problems of P2P botnet monitoring. As our main contribution, we introduce the Less Invasive Crawling Algorithm (LICA) for efficiently crawling unstructured P2P botnets and utilize only local information. We compare the performance of LICA with other known crawling methods such as Depth-first and Breadth- first search. This is achieved by simulating these methods on not only a real-world botnet dataset, but also on an unstructured P2P file sharing network dataset. Our analysis results indicate that LICA significantly outperforms the other known crawling methods.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2014 |
| Autor(en): | Karuppayah, Shankar ; Fischer, Mathias ; Rossow, Christian ; Mühlhäuser, Max |
| Art des Eintrags: | Bibliographie |
| Titel: | On Advanced Monitoring in Resilient and Unstructured P2P Botnets |
| Sprache: | Englisch |
| Publikationsjahr: | 2014 |
| Veranstaltungstitel: | International Conference on Communications (ICC) - Communications and Information Systems Security Symposium (CISS) |
| Kurzbeschreibung (Abstract): | Botnets are a serious threat to Internet-based services and end users. The recent paradigm shift from centralized to more sophisticated Peer-to-Peer (P2P)-based botnets introduces new challenges for security researchers. Centralized botnets can be easily monitored, and once their command and control server is identified, easily be taken down. However, P2P-based botnets are much more resilient against such attempts. To make it worse, botnets like P2P Zeus include additional countermeasures to make monitoring and crawling more difficult for the defenders. In this paper, we discuss in detail the problems of P2P botnet monitoring. As our main contribution, we introduce the Less Invasive Crawling Algorithm (LICA) for efficiently crawling unstructured P2P botnets and utilize only local information. We compare the performance of LICA with other known crawling methods such as Depth-first and Breadth- first search. This is achieved by simulating these methods on not only a real-world botnet dataset, but also on an unstructured P2P file sharing network dataset. Our analysis results indicate that LICA significantly outperforms the other known crawling methods. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Telekooperation |
| Hinterlegungsdatum: | 02 Apr 2015 15:31 |
| Letzte Änderung: | 14 Jun 2021 06:14 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum