Deployment of Sensor Nodes in Botnets
This chapter discusses in depth the challenges of monitoring P2P botnets using a sensor, as well as the viable solution to circumvent them. Most related work has mentioned that sensors are difficult to detect due to their passive nature. Despite that, this chapter presents three novel sensor detection mechanisms based on graph-theoretic approaches. The proposed detection mechanisms were compared and evaluated using real-world datasets. The results indicate that if the proposed mechanisms are deployed by botmasters, existing types of sensors are easily detected. To give the upper hand back to the defenders, this chapter also discusses the steps to circumvent the proposed mechanisms.
Parts of the contributions of this chapter are funded by Universiti Sains Malaysia (USM) through Short Term Research Grant, No: 304/PNAV/6313332.