Agent-based Modeling and Simulation of Botnets and Botnet Defense

Authors

  • Igor Kotenko
  • Alexey Konovalov
  • Andrey Shorov
Abstract

Nowadays we are witnesses of the rapid spread of botnets across the Internet and of their use for different cyber attacks against our systems. Botnets join a huge number of compromised computers in the Internet and allow using these computers for performing vulnerability scans, distributing denial-of-service (DDoS) attacks and sending enormous amounts of spam emails. It is a very complex task to detect such botnets and protect against their attacks. The paper considers the approach to the investigation of botnets and botnet defense mechanisms. The approach is based on the agent-based simulation of cyber attacks and cyber defense mechanisms, which combines discrete-event simulation, multi-agent approach and packet-level simulation of network protocols. The various methods of botnet attacks and counteraction against botnet DDoS attacks are explored by representing botnets and botnet defense components as agent teams using the software simulation environment under development. Agents are supposed to collect information from various sources, use different knowledge, forecast the intentions and actions of other agents, try to deceive the agents of the competing team, and react to actions of other agents. The teams of defense agents are able to cooperate as the defense system components of different organizations and Internet service providers (ISPs). The paper outlines the common framework and implementation peculiarities of the simulation environment as well as the experiments aimed at the investigation of botnets and botnet DDoS defense mechanisms.

Similar resources

Experiments With Simulation Of Botnets And Defense Agent Teams

Botnets allow malefactors to manage millions of infected computers simultaneously and provide large-scale successful attacks. The paper suggests an approach for multi-agent simulation of botnets and botnet protection mechanisms. The main contribution of the paper is an improved simulation environment for agent based simulation of botnets and experimentation with this environment for analysis of di...

BotOnus: an online unsupervised method for Botnet detection

Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...

BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle

Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches are presented to detect botnets; however most of them may be ineffective when there are only a few infected hosts in monitored network, as they rely on similarity in...

Analysis of Peer-to-Peer Botnet Attacks and Defenses

A “botnet” is a network of computers that are compromised and controlled by an attacker (botmaster). Botnets are one of the most serious threats to today’s Internet. Most current botnets have centralized command and control (C&C) architecture. However, peer-to-peer (P2P) structured botnets have gradually emerged as a new advanced form of botnets. Due to the distributive nature of P2P networks, ...

HF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets

Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...

Publication date: 2010