• DocumentCode
    3309346
  • Title

    Detecting New P2P Botnet with Multi-chart CUSUM

  • Author

    Kang, Jian ; Zhang, Jun-Yao ; Li, Qiang ; Li, Zhuo

  • Author_Institution
    Dept. of Comput. Sci. & Technol., Jilin Univ., Changchun
  • Volume
    1
  • fYear
    2009
  • fDate
    25-26 April 2009
  • Firstpage
    688
  • Lastpage
    691
  • Abstract
    Botnets have been recognized as one of the most important threats to Internet security. They are engaged in DDoS attacks, email spamming and other malicious activities. Traditional botnets usually organize themselves in a hierarchical architecture, which offers professionals opportunities to detect or defend against the botnets at their servers. However, newly appeared P2P botnets, such as the Storm botnet, are revealing a decentralized feature, which has brought difficulties in detection and mitigation. We believe that this is the very trend of future botnet development: adopting more sophisticated methods to avoid being detected. Thus, in this paper, we analyze the basic principles and mechanism of this decentralized P2P botnet, and present a novel detection method using multi-chart CUSUM.
  • Keywords
    Internet; invasive software; unsolicited e-mail; DDOS attacks; Internet security; Storm botnet; decentralized P2P botnet; email spamming; malicious activities; multi-chart CUSUM; Computer networks; Computer science; Computer security; IP networks; Internet; Network servers; Storms; Testing; Web server; Wireless communication; Detection; Multi-chart CUSUM; P2P Botnet; Storm;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on
  • Conference_Location
    Wuhan, Hubei
  • Print_ISBN
    978-1-4244-4223-2
  • Type

    conf

  • DOI
    10.1109/NSWCTC.2009.107
  • Filename
    4908357