Affiliation:
1. Nanjing University of Information Science and Technology
Abstract
A botnet consists of computers controlled by an attacker and has become a major threat to the internet and its users. Because a P2P botnet is a distributed network, identifying P2P bots is very difficult. In response to this threat, we present a P2P identification algorithm based on topology. The method depends on only three network behavior features. Our approach has a high detection rate and an acceptably low false alarm rate.
Publisher
Trans Tech Publications, Ltd.