Building a Scalable System for Stealthy P2P-Botnet Detection
Keywords:
Botnet Detection, Software Architecture, Signature Based Detection, Data Mining, Click Fraud, Search Log Analysis
Abstract
Peer-to-peer (P2P) botnets have recently been adopted by botmasters for their resilience against take-down efforts. Besides being harder to take down, modern botnets tend to be stealthy in the way they perform malicious activities, making current detection approaches ineffective. In addition, the rapidly growing volume of network traffic calls for highly scalable detection systems. In this paper we propose a new scalable botnet detection system capable of detecting stealthy P2P botnets.

A botnet is a collection of compromised hosts that are remotely controlled by an attacker (the botmaster) through a command-and-control (C&C) channel. Botnets serve as the infrastructure for a variety of cyber-crimes, such as spamming, distributed denial-of-service (DDoS) attacks, identity theft and click fraud. The C&C channel is an essential component of a botnet because botmasters rely on it to issue commands to their bots and to receive information from the compromised machines. Botnets may structure their C&C channels in different ways.
License
Copyright (c) IJSRSET

This work is licensed under a Creative Commons Attribution 4.0 International License.