Modeling peer-to-peer botnets

Elizabeth Van Ruitenbeek, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Peer-to-peer botnets are a relatively new yet rapidly growing Internet threat. In the year since its introduction in January 2007, the Storm Worm peer-to-peer botnet has become the largest botnet on the Internet. Unlike previous botnets operating over IRC channels, the Storm Worm botnet uses a decentralized peer-to-peer network to communicate among the bots and to control their computing power. While a centralized control structure can be toppled relatively easily by finding and disconnecting the head, a decentralized control structure is much harder to dismantle. Given this reality, security researchers must find new ways to defend against peer-to-peer botnets. Toward that aim, we have developed a stochastic model of peer-to-peer botnet formation to provide insight on possible defense tactics. We use the stochastic model to examine how different factors impact the growth of the botnet. Simulation results from the model evaluate the effectiveness both of prevention measures and of detection and disinfection methods. In this way, the simulation results from our peer-to-peer botnet model provide guidance for the design of future anti-malware systems.

Original languageEnglish (US)
Title of host publicationProceedings - 5th International Conference on the Quantitative Evaluation of Systems, QEST 2008
Pages307-316
Number of pages10
DOIs
StatePublished - 2008
Externally publishedYes
Event5th International Conference on the Quantitative Evaluation of Systems, QEST 2008 - St. Malo, France
Duration: Sep 14 2008Sep 17 2008

Publication series

NameProceedings - 5th International Conference on the Quantitative Evaluation of Systems, QEST 2008

Other

Other5th International Conference on the Quantitative Evaluation of Systems, QEST 2008
Country/TerritoryFrance
CitySt. Malo
Period9/14/089/17/08

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Hardware and Architecture
  • Control and Systems Engineering

Fingerprint

Dive into the research topics of 'Modeling peer-to-peer botnets'. Together they form a unique fingerprint.

Cite this