Title :
Application Entropy Theory to Detect New Peer-to-Peer Botnet with Multi-chart CUSUM
Author :
Kang, Jian ; Zhang, Jun-Yao
Author_Institution :
Dept. of Comput. Sci. & Technol., Jilin Univ., Changchun, China
Abstract :
Botnets have been recognized as one of the most important threats to the security of the Internet. They engage in distributed denial of service (DDOS) attacks, email spamming and other malicious activities likewise. As evolving new features such as decentralized architecture, using P2P networks and etc, new peer-to-peer(P2P) botnets could no longer be indicated effectively and accurately by using the traditional detection methods. And we believe that adopting more sophisticated methods from being detected would be the very trend of future botnet development. Thus, in this paper, based on several of the new P2P botnet characteristic properties, we propose a novel detecting method applying the information entropy theory in the detection multi-chart CUSUM. With verification of experiments, it successfully detects the botnet with a relatively high precision.
Keywords :
Internet; entropy; peer-to-peer computing; security of data; software agents; Internet security; application entropy theory; decentralized architecture; distributed denial of service attacks; email spamming; malicious activities; multichart CUSUM; peer-to-peer botnet detection; Application software; Computer security; Electronic commerce; Information entropy; Internet; Network servers; Peer to peer computing; Storms; Testing; Web server; Detection; Information Entropy; Multi-chart CUSUM; P2P Botnet; Storm;
Conference_Titel :
Electronic Commerce and Security, 2009. ISECS '09. Second International Symposium on
Conference_Location :
Nanchang
Print_ISBN :
978-0-7695-3643-9
DOI :
10.1109/ISECS.2009.61
