Towards Accurate Node-Based Detection of P2P Botnets

Author

  • Chunyong Yin
Abstract

Botnets are a serious security threat to the current Internet infrastructure. In this paper, we propose a novel direction for P2P botnet detection called node-based detection. This approach focuses on the network characteristics of individual nodes. Based on our model, we examine each node's flows and extract the useful features over a given time period. We have tested our approach on real-life data sets and achieved detection rates of 99-100% and low false positive rates of 0-2%. Comparison with other similar approaches on the same data sets shows that our approach outperforms the existing approaches.


Similar resources

BotOnus: an online unsupervised method for Botnet detection

Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...


Multivariate Statistical Analysis on Anomaly P2P Botnets Detection

The botnet population is rapidly growing and botnets have become a huge threat on the Internet. Botnets have been declared as Advanced Malware (AM) and Advanced Persistent Threat (APT) listed attacks, which are able to manipulate advanced technology, where the intricacy of threats creates a need for continuous detection and protection. These attacks will be almost exclusive for financial gain. P2P botnets act as bots t...


P2p behaviour detection pdf

Or traceback, thus making the detection of P2P bots is a real challenge. Fected machine by correlating bots behavioural attributes. Peacomm Storm P2P bot is. Stegginkrp1p2pdetect conceptpaper.pdf?id2007-2008. And focus on CC channel detection for P2P botnets that use multiple protocols randomly chosen for CC. We first consider a clustering based node behavior profiling approach to capture the n...


Towards Automated Detection of Peer-to-Peer Botnets: On the Limits of Local Approaches

State-of-the-art approaches for the detection of peer-to-peer (P2P) botnets are on the one hand mostly local and on the other hand tailored to specific botnets involving a great amount of human time, effort, skill and creativity. Enhancing or even replacing this labor-intensive process with automated and, if possible, local network monitoring tools is clearly extremely desirable. To investigate ...


Study of the Honeypot-Aware Peer-to-Peer Botnet and Its Feasibility

The research objective of this project is to investigate one possible advanced botnet – honeypot-aware peer-to-peer (P2P) botnet: verifying our analysis of the propagation of a honeypot-aware P2P botnet, and then showing the feasibility of developing such a botnet in terms of its propagation effectiveness. A “botnet” is a network composed of compromised computers (“bots”) on the Internet, that a...



Journal title:

Volume 2014, Issue

Pages -

Publication date: 2014