Title
PeerDigger: Digging Stealthy P2P Hosts through Traffic Analysis in Real-Time
Abstract
P2P technology has been widely applied in many areas due to its excellent properties. Some botnets have also shifted towards decentralized architectures, since they provide better resiliency against detection and takedown efforts. Besides, modern P2P bots tend to run on compromised hosts in a stealthy way, which renders most existing approaches ineffective. In addition, few approaches address the problem of real-time detection. However, it is important to detect bots as soon as possible in order to minimize their harm. In this paper, we propose PeerDigger, a novel real-time system capable of detecting stealthy P2P bots. PeerDigger first detects all P2P hosts based on several basic properties of flow records, and then distinguishes P2P bots from benign P2P hosts by analyzing their network behavior patterns. The experimental results demonstrate that our system is able to identify P2P bots with an average TPR of 98.07% and an average FPR of 1.5% within 4 minutes.
Year: 2014
DOI: 10.1109/CSE.2014.283
Venue: C3S2E
Keywords: invasive software, peerdigger, decentralized architectures, traffic analysis, computer network security, p2p host detection, real-time detection, tpr, fpr, bot detection, p2p network, real-time, telecommunication traffic, stealthy p2p bot detection, peer-to-peer computing, network behavior pattern analysis, p2p technology, real-time systems, feature extraction, vectors, real time systems, storms
Field: Traffic analysis, Botnet, Computer security, Computer science, Dead Peer Detection, Peer to peer computing, Computer network, Network behavior
DocType: Conference
Citations: 0
PageRank: 0.34
References: 22
Authors: 5
Name | Order | Citations | PageRank
Jie He | 1 | 19 | 7.35
Yuexiang Yang | 2 | 55 | 12.66
Xiaolei Wang | 3 | 16 | 3.10
Chuan Tang | 4 | 15 | 3.70
Yingzhi Zeng | 5 | 22 | 5.59