Detecting and blocking P2P botnets through contact tracing chains. (12th April 2010)
- Record Type:
- Journal Article
- Title:
- Detecting and blocking P2P botnets through contact tracing chains. (12th April 2010)
- Main Title:
- Detecting and blocking P2P botnets through contact tracing chains
- Authors:
- Huang, Zhiyong
Zeng, Xiaoping
Liu, Yong - Abstract:
- Peer-to-peer (P2P) botnets have recently become serious security threats on the internet. It is difficult to detect the propagation of P2P botnets by isolated monitoring on individual machines due to its decentralised control structure. In this paper, we propose a contact tracing chain-based framework to detect and block P2P botnets by tracing contact behaviours among peers. In the proposed framework, the contacts of peers with suspicious symptoms are traced and tracing chains are established to correlate contacts among peers with their abnormal symptoms. Peers are confirmed with infections when the length of contact tracing chain that they belong to reaches a preset threshold. Under this framework, we develop different detection, tracing and immunisation strategies. Through numerical simulations, we demonstrate that the proposed contact tracing framework can quickly detect and block the propagation of P2P botnets.
- Is Part Of:
- International journal of internet protocol technology. Volume 5:Number 1/2(2010)
- Journal:
- International journal of internet protocol technology
- Issue:
- Volume 5:Number 1/2(2010)
- Issue Display:
- Volume 5, Issue 1/2 (2010)
- Year:
- 2010
- Volume:
- 5
- Issue:
- 1/2
- Issue Sort Value:
- 2010-0005-NaN-0000
- Page Start:
- 44
- Page End:
- 54
- Publication Date:
- 2010-04-12
- Subjects:
- P2P botnets -- peer-to-peer -- worms -- contact tracing -- transmission chains -- entropy -- threshold -- detection -- blocking -- immunisation -- simulation -- internet protocol -- tracing chains -- network security
File Transfer Protocol (Computer network protocol) -- Periodicals
Multicasting (Computer networks) -- Periodicals
004.678 - Journal URLs:
- http://www.inderscience.com/jhome.php?jcode=ijipt ↗
http://www.inderscience.com/ ↗ - Languages:
- English
- ISSNs:
- 1743-8209
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 8707.xml