Title :
P2P botnet detection based on association between common network behaviors and host behaviors
Author :
Yin, Chunyong ; Ghorbani, Ali A.
Author_Institution :
Sch. of Comput. & Software, Nanjing Univ. of Inf. Sci. & Technol., Nanjing, China
Abstract :
The botnet has become the most serious security threat to the current Internet infrastructure. A botnet is a group of compromised computers (bots) which are remotely controlled by its originator (BotMaster) under a common Command-and-Control (C&C) infrastructure. Botnets can not only be implemented with existing well-known applications, but can also be constructed with unknown or creative applications, which makes botnet detection a challenging problem. Because the P2P (peer-to-peer) botnet is a distributed malicious software network, it is more difficult to detect this bot. In this paper, we propose a new general P2P botnet detection framework. Our framework is based on the association between common P2P network behaviors and host behaviors.
Keywords :
Internet; peer-to-peer computing; security of data; BotMaster; C&C infrastructure; Internet infrastructure; P2P network; botnet detection; command-and-control infrastructure; compromised computers; host behaviors; network behaviors; security threats; Computers; Feature extraction; Filtering; Information science; Malware; Peer to peer computing; Software; bot; botnet; host behavior; network behavior; p2p
Conference_Title :
Multimedia Technology (ICMT), 2011 International Conference on
Conference_Location :
Hangzhou
Print_ISBN :
978-1-61284-771-9
DOI :
10.1109/ICMT.2011.6001651