The Probability Model of Peer-to-Peer Botnet Propagation
نویسندگان
چکیده
Active Peer-to-Peer worms are great threat to the network security since they can propagate in automated ways and flood the Internet within a very short duration. Modeling a propagation process can help us to devise effective strategies against a worm’s spread. This paper presents a study on modeling a worm’s propagation probability in a P2P overlay network and proposes an optimized patch strategy for defenders. Firstly, we present a probability matrix model to construct the propagation of P2P worms. Our model involves three indispensible aspects for propagation: infected state, vulnerability distribution and patch strategy. Based on a fully connected graph, our comprehensive model is highly suited for real world cases like Code Red II. Finally, by inspecting the propagation procedure, we propose four basic tactics for defense of P2P botnets. The rationale is exposed by our simulated experiments and the results show these tactics are of effective and have considerable worth in being applied in real-world networks
منابع مشابه
Study of the Honeypot-Aware Peer-to-Peer Botnet and Its Feasibility
The research objective of this project is to investigate one possible advanced botnet – honeypotaware peer-to-peer (P2P) botnet: verifying our analysis of the propagation of a honeypot-aware P2P botnet, and then showing the feasibility of developing a such botnet in terms of its propagation effectiveness. A “botnet” is a network composed of compromised computers (“bots”) on the Internet, that a...
متن کاملRater Errors among Peer-Assessors: Applying the Many-Facet Rasch Measurement Model
In this study, the researcher used the many-facet Rasch measurement model (MFRM) to detect two pervasive rater errors among peer-assessors rating EFL essays. The researcher also compared the ratings of peer-assessors to those of teacher assessors to gain a clearer understanding of the ratings of peer-assessors. To that end, the researcher used a fully crossed design in which all peer-assessors ...
متن کاملAccurate Detection of Peer-to-Peer Botnet using Multi-Stream Fused Scheme
Nowadays decentralized botnets pose a great threat to Internet. They evolve new features such as P2P Command and Control(C&C), which makes traditional detection methods no longer effective for indicating the existence of the bots. In this paper, based on several of the new P2P botnet characteristic properties, we propose a novel real-time detecting model – MSFM (Multi-Stream Fused Model). MSFM ...
متن کاملA Genetic Programming-based trust model for P2P Networks
Abstract— Peer-to-Peer ( P2P ) systems have been the center of attention in recent years due to their advantage . Since each node in such networks can act both as a service provider and as a client , they are subject to different attacks . Therefore it is vital to manage confidence for these vulnerable environments in order to eliminate unsafe peers . This paper investigates the use of genetic ...
متن کاملA Comparative Analysis of the Resilience of Peer–to–Peer Botnets
Botnets have traditionally used centralized architectures for command and control. In such architectures, a relatively small number of centralized servers is used to command the bots. Centralized botnet architectures are straightforward to deploy, but relatively easy to take down by disabling the command and control servers. In an effort to increase the resilience of their botnets, malware crea...
متن کامل