Abstract | ||
---|---|---|
A recent development in botnet technology is the adoption of P2P architecture as a way to improve botnet resilience to disruption compared to the centralized architecture used by early botnets. Furthermore, in order to increase stealth and evade detection, many P2P botnets, such as Storm, are employing fast flux service networks (FFSNs). We propose in this paper a new P2P botnet detection approach by identifying malicious FFSNs. We define and compute a number of metrics from captured network flows which are analyzed using machine learning classification. For the proposed approach, we show experimentally that the presence of botnets may be detected with a high accuracy and identify its potential limitations. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1109/3PGCIC.2012.48 | P2P, Parallel, Grid, Cloud and Internet Computing |
Keywords | Field | DocType |
botnet resilience,centralized architecture,p2p architecture,p2p botnets,p2p botnet detection approach,early botnets,malicious ffsns,malicious fast flux network,botnet technology,p2p botnet detection,fast flux service network,network flows,accuracy,learning artificial intelligence,detectors,servers | Flow network,Fast flux,Botnet,Computer science,Server,Peer to peer computing,Service networks,Computer network,Statistical classification | Conference |
ISBN | Citations | PageRank |
978-1-4673-2991-0 | 1 | 0.35 |
References | Authors | |
10 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
David Zhao | 1 | 1 | 0.35 |
Issa Traore | 2 | 306 | 32.31 |