Statistical Assessment of Peer-to-Peer Botnet Features

Statistical Assessment of Peer-to-Peer Botnet Features

Botnets are collections of compromised machines which are controlled by a remotely located adversary. Botnets are of signi cant interest to cybersecurity researchers as they are a core mechanism that allows adversarial groups to gain control over large scale computing resources. Recent botnets have...

Full description

Bibliographic Details
Main Author: Godkin, Teghan
Other Authors: Neville, Stephen William
Language:English
en
Published: 2013
Subjects:
botnets
machines
cybersecurity
statistical analysis
Online Access:http://hdl.handle.net/1828/4526
id ndltd-uvic.ca-oai-dspace.library.uvic.ca-1828-4526
record_format oai_dc
spelling ndltd-uvic.ca-oai-dspace.library.uvic.ca-1828-45262015-01-29T16:52:14Z Statistical Assessment of Peer-to-Peer Botnet Features Godkin, Teghan Neville, Stephen William botnets machines cybersecurity statistical analysis Botnets are collections of compromised machines which are controlled by a remotely located adversary. Botnets are of signi cant interest to cybersecurity researchers as they are a core mechanism that allows adversarial groups to gain control over large scale computing resources. Recent botnets have become increasingly complex, relying on Peer-to-Peer (P2P) protocols for botnet command and control (C&C). In this work, a packet-level simulation of a Kademlia-based P2P botnet is used in conjunction with a statistical analysis framework to investigate how measured botnet features change over time and across an ensemble of simulations. The simulation results include non-stationary and non-ergodic behaviours illustrating the complex nature of botnet operation and highlighting the need for rigorous statistical analysis as part of the engineering process. Graduate 0984, 0537, 0544 2013-04-17T22:10:54Z 2013-04-17T22:10:54Z 2013 2013-04-17 Thesis http://hdl.handle.net/1828/4526 English en Available to the World Wide Web
collection NDLTD
language English
en
sources NDLTD
topic botnets
machines
cybersecurity
statistical analysis
spellingShingle botnets
machines
cybersecurity
statistical analysis
Godkin, Teghan
Statistical Assessment of Peer-to-Peer Botnet Features
description Botnets are collections of compromised machines which are controlled by a remotely located adversary. Botnets are of signi cant interest to cybersecurity researchers as they are a core mechanism that allows adversarial groups to gain control over large scale computing resources. Recent botnets have become increasingly complex, relying on Peer-to-Peer (P2P) protocols for botnet command and control (C&C). In this work, a packet-level simulation of a Kademlia-based P2P botnet is used in conjunction with a statistical analysis framework to investigate how measured botnet features change over time and across an ensemble of simulations. The simulation results include non-stationary and non-ergodic behaviours illustrating the complex nature of botnet operation and highlighting the need for rigorous statistical analysis as part of the engineering process. === Graduate === 0984, 0537, 0544
author2 Neville, Stephen William
author_facet Neville, Stephen William
Godkin, Teghan
author Godkin, Teghan
author_sort Godkin, Teghan
title Statistical Assessment of Peer-to-Peer Botnet Features
title_short Statistical Assessment of Peer-to-Peer Botnet Features
title_full Statistical Assessment of Peer-to-Peer Botnet Features
title_fullStr Statistical Assessment of Peer-to-Peer Botnet Features
title_full_unstemmed Statistical Assessment of Peer-to-Peer Botnet Features
title_sort statistical assessment of peer-to-peer botnet features
publishDate 2013
url http://hdl.handle.net/1828/4526
work_keys_str_mv AT godkinteghan statisticalassessmentofpeertopeerbotnetfeatures
_version_ 1716729541213290496

Similar Items