Peer-to-peer botnets are a relatively new yet rapidly growing Internet threat. In the year since its introduction in January 2007, the Storm Worm peer-to-peer botnet has become the largest botnet on the Internet. Unlike previous botnets operating over IRC channels, the Storm Worm botnet uses a decentralized peer-to-peer network to communicate among the bots and to control their computing power. While a centralized control structure can be toppled relatively easily by finding and disconnecting the head, a decentralized control structure is much harder to dismantle. Given this reality, security researchers must find new ways to defend against peer-to-peer botnets. Toward that aim, we have developed a stochastic model of peer-to-peer botnet formation to provide insight on possible defense tactics. We use the stochastic model to examine how different factors impact the growth of the botnet. Simulation results from the model evaluate the effectiveness both of prevention measures and of detection and disinfection methods. In this way, the simulation results from our peer-to-peer botnet model provide guidance for the design of future anti-malware systems.