Statistical Assessment of Peer-to-Peer Botnet Features
Main Author: | |
---|---|
Other Authors: | |
Language: | English en |
Published: | 2013 |
Subjects: | |
Online Access: | http://hdl.handle.net/1828/4526 |
Summary: | Botnets are collections of compromised machines which are controlled by a remotely located adversary. Botnets are of significant interest to cybersecurity researchers as they are a core mechanism that allows adversarial groups to gain control over large scale computing resources. Recent botnets have become increasingly complex, relying on Peer-to-Peer (P2P) protocols for botnet command and control (C&C). In this work, a packet-level simulation of a Kademlia-based P2P botnet is used in conjunction with a statistical analysis framework to investigate how measured botnet features change over time and across an ensemble of simulations. The simulation results include non-stationary and non-ergodic behaviours illustrating the complex nature of botnet operation and highlighting the need for rigorous statistical analysis as part of the engineering process. === Graduate === 0984, 0537, 0544 |
---|