Title :
A study of strategies to restrain the C&C activities of structured P2P botnets
Author :
Tianzuo Wang ; Huaimin Wang ; Bo Liu ; Hao Ren ; Xiaolong Ma
Author_Institution :
Sch. of Comput. Sci., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Botnets are threatening the Internet heavily, and more and more botnets are utilizing the P2P technology to build their C&C (Command and Control) mechanisms. Some research have been made to compare the resilience of structured P2P botnets and unstructured ones, against elimination of nodes, but the problem that which eliminating strategy is the best is rarely studied. In this paper, we proposed a new metric called the half point, to measure the effectiveness of different strategies. We also selected seven different eliminating strategies and compared them. Through extensive simulations, we find that RBC is the best eliminating strategy. Further analysis shows that for the strategy RBC, the average degree of nodes in the botnet have the most significant influence. The bigger the average degree is, the bigger the half point of RBC is, which implies that node eliminating may not be a reasonable choice for mitigating botnets with big average degree. Results of this paper can provide guidance for restraining structured P2P botnets.
Keywords :
Internet; command and control systems; computer network security; peer-to-peer computing; C&C activities; Internet; RBC; best eliminating strategy; command and control mechanisms; node elimination; structured P2P botnets; C&C mechanism; betweenness centrality; coreness; eliminating strategy; half point; restrain; structured P2P botnets;
Conference_Titel :
Computing and Convergence Technology (ICCCT), 2012 7th International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4673-0894-6
