The small-world phenomenon: an algorithmic perspective
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Hamilton cycles in random graphs and directed graphs
Random Structures & Algorithms
Viceroy: a scalable and dynamic emulation of the butterfly
Proceedings of the twenty-first annual symposium on Principles of distributed computing
Probabilistic Reliable Dissemination in Large-Scale Systems
IEEE Transactions on Parallel and Distributed Systems
Know thy neighbor's neighbor: the power of lookahead in randomized P2P networks
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
A General Framework for Scalability and Performance Analysis of DHT Routing Systems
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
Understanding churn in peer-to-peer networks
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Symphony: distributed hashing in a small world
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Network monitoring using traffic dispersion graphs (tdgs)
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Peer-to-peer botnets: overview and case study
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
T-Man: Gossip-based fast overlay topology construction
Computer Networks: The International Journal of Computer and Telecommunications Networking
Towards automated detection of peer-to-peer botnets: on the limits of local approaches
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
A foray into Conficker's logic and rendezvous points
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Know thy neighbor’s neighbor: better routing for skip-graphs and small worlds
IPTPS'04 Proceedings of the Third international conference on Peer-to-Peer Systems
Scalable Stealth Mode P2P Overlays of Very Small Constant Degree
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
| Hi-index | 0.00 |
In recent years peer-to-peer (P2P) technology has been adopted by Internet-based malware as a fault tolerant and scalable communication medium for self-organization and survival. It has been shown that malicious P2P networks would be nearly impossible to uncover if they operated in a stealth mode , that is, using only a small constant number of fixed overlay connections per node for communication. While overlay networks of a small constant maximal degree are generally considered to be unscalable, we argue in this paper that it is possible to design them to be scalable, efficient and robust. This is an important finding from a security point of view: we show that stealth mode P2P malware that is very difficult to discover with state-of-the-art methods is a plausible threat. In this paper we discuss algorithms and theoretical results that support the scalability of stealth mode overlays, and we present realistic simulations using an event based implementation of a proof-of-concept system. Besides P2P botnets, our results are also applicable in scenarios where relying on a large number of overlay connections per node is not feasible because of cost or the limited number of communication channels available.