Building a Scalable System for Stealthy P2P-Botnet Detection

Authors (4): B. Anitha, Avinash Sivan, V. Hari Prasath, S. Selvaraj

In this paper we discuss peer-to-peer (P2P) botnets, which botmasters have recently adopted for their resilience against take-down efforts. Besides being harder to take down, modern botnets tend to be stealthy in the way they perform malicious activities, making current detection approaches ineffective. In addition, the rapidly growing volume of network traffic calls for highly scalable detection systems. We propose a new scalable botnet detection system capable of detecting stealthy P2P botnets. A botnet is a collection of compromised hosts that are remotely controlled by an attacker (the botmaster) through a command and control (C&C) channel. Botnets serve as the infrastructure responsible for a variety of cyber-crimes, such as spamming, distributed denial-of-service (DDoS) attacks, identity theft, click fraud, etc. The C&C channel is an essential component of a botnet because botmasters rely on it to issue commands to their bots and receive information from the compromised machines. Botnets may structure their C&C channels in different ways.

Authors and Affiliations

B. Anitha
Computer Science and Engineering, Dhanalakshmi College of Engineering, Chennai, Tamilnadu, India
Avinash Sivan
Computer Science and Engineering, Dhanalakshmi College of Engineering, Chennai, Tamilnadu, India
V. Hari Prasath
Computer Science and Engineering, Dhanalakshmi College of Engineering, Chennai, Tamilnadu, India
S. Selvaraj
Computer Science and Engineering, Dhanalakshmi College of Engineering, Chennai, Tamilnadu, India

Botnet Detection, Software Architecture, Signature Based Detection, Data Mining, Click Fraud, Search Log Analysis

Publication Details

Published in : Volume 1 | Issue 2 | March-April 2015
Date of Publication : 2015-04-25
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 284-288
Manuscript Number : IJSRSET152282
Publisher : Technoscience Academy

Print ISSN : 2395-1990, Online ISSN : 2394-4099

Cite This Article :

B. Anitha, Avinash Sivan, V. Hari Prasath, S. Selvaraj, "Building a Scalable System for Stealthy P2P-Botnet Detection", International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 1, Issue 2, pp. 284-288, March-April 2015.
Journal URL : http://ijsrset.com/IJSRSET152282