OpenAIRE is about to release its new face with lots of new content and services.
During September, you may notice downtime in services, while some functionalities (e.g. user registration, login, validation, claiming) will be temporarily disabled.
We apologize for the inconvenience, please stay tuned!
For further information please contact helpdesk[at]openaire.eu

fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Al-Hammadi, Yousof; Aickelin, Uwe (2010)
Publisher: IEEE
Languages: English
Types: Part of book or chapter of book
Subjects: Computer Science - Artificial Intelligence, Computer Science - Neural and Evolutionary Computing, Computer Science - Cryptography and Security

Classified by OpenAIRE into

ACM Ref: ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, ComputingMilieux_PERSONALCOMPUTING, Software_OPERATINGSYSTEMS
In the past few years, IRC bots, malicious programs which\ud are remotely controlled by the attacker through IRC servers,\ud have become a major threat to the Internet and users. These\ud bots can be used in different malicious ways such as issuing\ud distributed denial of services attacks to shutdown other\ud networks and services, keystrokes logging, spamming, traffic\ud sniffing cause serious disruption on networks and users.\ud New bots use peer to peer (P2P) protocols start to appear\ud as the upcoming threat to Internet security due to the fact\ud that P2P bots do not have a centralized point to shutdown\ud or traceback, thus making the detection of P2P bots is a\ud real challenge. In response to these threats, we present an\ud algorithm to detect an individual P2P bot running on a\ud system by correlating its activities. Our evaluation shows\ud that correlating different activities generated by P2P bots\ud within a specified time period can detect these kind of bots.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] D. Dittrich and S. Dietrich. P2P as botnet command and control: a deeper insight. In Proceedings of the 2008 3rd International Conference on Malicious and Unwanted Software - Malware, October 2008.
    • [2] E. Florio and M. Ciubotariu. Peerbot: Catch me if you can. Whitepaper: Symantec Security Response, Ireland. Originally published by Virus Bulletin, March 2007.
    • [3] L. A. Gordon, M. P. Loeb, W. Lucyshyn and R. Ricson, CSI/FBI computer crime and security survey 2006, Computer Security Institute, 2006.
    • [4] J. B. Grizzard, V. Sharma, C. Nunnery, B. B. Kang, and D. Dagon. Peer-to-peer botnets: Overview and case study. In HotBots 07 conference, 2007.
    • [5] G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee. BotHunter: Detecting Malware Infection through IDS-driven Dialog Correlation. In 16th USENIX Security Symposium, 2007.
    • [6] P. Maymounkov and D. Mazi'eres, Kademlia: A peer-topeer information system based on the XOR metric. In 1st International Workshop on Peer-to-Peer Systems, pp. 5362, March 2002.
    • [7] C. Nunnery and B. B. Kang. Locating Zombie Nodes and Botmasters in Decentralized Peer-to-Peer Botnets, 2007. https://www.os3.nl/ media/2007-2008/students/matthew steggink/rp1/p2pdetect conceptpaper.pdf?id=2007-2008.
    • [8] T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling. Measurements and mitigation of peer-to-peer-based botnets: A case study on storm worm. In LEET 08: First USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2008.
    • [9] P. Porras, H. Saidi, and V. Yegneswaran. A Multi-perspective Analysis of the Storm (Peacomm) Worm. Technical report, Computer Science Laboratory, SRI International, October 2007.
    • [10] R. Schoof and R. Koning. Detecting peer-to-peer botnets. University of Amsterdam. 2007.
    • [11] J. Stewart. Storm Worm DDoS Attack, Feb. 2007. http://www.secureworks.com/research/threats/view.html? threat=storm-worm.
    • [12] S. Stover, D. Dittrich, J. Hernandez, and S. Dietrich. Analysis of the Storm and Nugache Trojans: P2P is here. In USENIX ;login: vol. 32, no. 6, December 2007.
  • No related research data.
  • No similar publications.

Share - Bookmark

Cite this article

Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
More information Ok