On the resilience of P2P botnet footprints in the presence of legitimate P2P traffic

Daneshgar Fateme Faraji; Abbaspour Maghsoud

首页> 外文期刊>International journal of communication systems >On the resilience of P2P botnet footprints in the presence of legitimate P2P traffic

【24h】

On the resilience of P2P botnet footprints in the presence of legitimate P2P traffic

机译：关于合法P2P流量存在的P2P僵尸网足迹的恢复力

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Botnet is a distributed platform for illegal activities severely threaten the security of the Internet. Fortunately, although their complicated nature, bots leave some footprints during the C&C communication that have been utilized by security researchers to design detection mechanisms. Nevertheless, botnet designers are always trying to evade detection systems by leveraging the legitimate P2P protocol as C&C channel or even mimicking legitimate peer-to-peer (P2P) behavior. Consequently, detecting P2P botnet in the presence of normal P2P traffic is one of the most challenging issues in network security. However, the resilience of P2P botnet detection systems in the presence of normal P2P traffic is not investigated in most proposed schemes. In this paper, we focused on the footprint as the most essential part of a detection system and presented a taxonomy of footprints utilized in behavioral P2P botnet detection systems. Then, the resilience of mentioned footprints is analyzed using three evaluation scenarios. Our experimental and analytical investigations indicated that the most P2P botnet footprints are not resilient to the presence of legitimate P2P traffic and there is a pressing need to introduce more resilient footprints.

机译：僵尸网络是一个分布式平台，用于非法活动严重威胁到互联网的安全性。幸运的是，虽然它们的性质复杂，但机器人在通过安全研究人员利用的C＆C通信中留下了一些足迹，以设计检测机制。尽管如此，僵尸网络设计人员始终试图通过利用合法的P2P协议作为C＆C信道甚至模拟合法的点对点（P2P）行为来逃避检测系统。因此，在正常的P2P流量存在下检测P2P僵尸网络是网络安全中最具挑战性的问题之一。然而，在大多数提出的方案中没有研究在存在正常的P2P流量存在下P2P僵尸网络检测系统的抵御。在本文中，我们专注于检测系统中最重要的部分的足迹，并提出了在行为P2P僵尸网络检测系统中使用的占地面积分类。然后，使用三种评估场景分析提到的占地面积的抵御能力。我们的实验和分析调查表明，最多的P2P僵尸网络脚印不适合存在合法的P2P流量，并且需要引入更多弹性占地面积。

著录项

来源
《International journal of communication systems》 |2019年第13期|e3973.1-e3973.27|共27页
作者
Daneshgar Fateme Faraji; Abbaspour Maghsoud;
展开▼
作者单位

Shahid Beheshti Univ Fac Comp Sci & Engn Tehran 1983969411 Iran;

Shahid Beheshti Univ Fac Comp Sci & Engn Tehran 1983969411 Iran;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
evasion resilience analysis; normal and malicious P2P communication characteristics; P2P botnet detection; P2P botnet footprints;

机译：逃避弹性分析;正常和恶意P2P通信特性;P2P僵尸网络检测;P2P僵尸网络脚印;

相似文献

外文文献
中文文献
专利

1. On the resilience of P2P botnet footprints in the presence of legitimate P2P traffic [J] . Daneshgar Fateme Faraji, Abbaspour Maghsoud International journal of communication systems . 2019,第13期

机译：在存在合法P2P流量的情况下，P2P僵尸网络足迹的弹性
2. P2P and P2P botnet traffic classification in two stages [J] . Ye Wujian, Cho Kyungsan Soft computing: A fusion of foundations, methodologies and applications . 2017,第5期

机译：P2P和P2P僵尸网络流量分类在两个阶段
3. Adaptive traffic sampling for P2P botnet detection [J] . He Jie, Yang Yuexiang, Wang Xiaolei, International Journal of Network Management . 2017,第5期

机译：用于P2P僵尸网络检测的自适应流量采样
4. On the resilience of P2P-based botnet graphs [C] . Steffen Haas, Shankar Karuppayah, Selvakumar Manickam, IEEE Conference on Communications and Network Security . 2016

机译：基于P2P的僵尸网络图的弹性
5. In depth research to reveal a peer to peer (P2P) botnet life cycle [D] . Matos, Jose Ettiene 2011

机译：深入研究，揭示对等（P2P）僵尸网络生命周期的对等体
6. DUSTBot: A duplex and stealthy P2P-based botnet in the Bitcoin network [O] . Yi Zhong, Anmin Zhou, Lei Zhang, 2019

机译：垃圾箱：比特币网络中的基于双工和隐形的P2P僵尸网络
7. SoK: P2PWNED - modeling and evaluating the resilience of peer-to-peer botnets [O] . Rossow, C., Andriesse, D., Werner, T., 2013

机译：soK：p2pWNED - 建模和评估点对点僵尸网络的弹性

On the resilience of P2P botnet footprints in the presence of legitimate P2P traffic

摘要

著录项

相似文献

相关主题

期刊订阅