P2P technology has recently been adopted by Internet-based malware as a fault-tolerant and scalable communication medium. Due to its decentralized and self-organizing nature, P2P malware is harder to detect and block, especially if it utilizes specialized techniques for hiding. We analyze a number of hiding strategies through extensive and realistic simulations over a model of the AS-level Internet topology. We show that the most effective strategy to avoid detection is to drastically reduce the maximal number of peers a node communicates with. While overlay networks of a small constant maximal degree are generally considered to be unscalable, we argue that it is possible to design them to be scalable, efficient, and robust. An important implication is that stealth-mode P2P malware that is very difficult to discover with state-of-the-art methods is a plausible threat. We discuss algorithms and theoretical results that support the scalability of stealth-mode overlays, and we present realistic event-based simulations of a proof-of-concept system. Besides the context of P2P malware, some of our results are of general interest in the area of constant-degree overlays in connection with the problem of how to maintain reasonable performance and reliability with the smallest degree possible.