Analysis and detection of P2P botnet connections based on node behaviour

M.R. Rostami, B. Shanmugam, N.B. Idris

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in Proceedings

Abstract

Fast development of computer and especially Internet caused many issues for its users as well as its benefits. Nowadays, cyber criminals are utilizing Botnets to reach their goals. They have noticed that centralized structure is detected quickly. Hence the Peer to Peer Botnets are the most recent kind of Botnets that, they are applying encryption as well as rootkit capabilities to not being detected. In addition they mimic the performance of P2P software such as BitTorrent to make hard distinguishing the healthy packet from malicious packet in a large dataset. The proposed method is based on the correlation of Process Name besides the Ports as well as the Network Traffic. In the existing Operating Systems, every process is assigned a number that is called Port. By using this unique port and the process name, our experimental results show an acceptable rate of detection.
Original languageEnglish
Title of host publicationProceedings of the 2011 World Congress on Information and Communication Technologies, WICT 2011
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages928-933
Number of pages6
ISBN (Print)978-146730125-1
DOIs
Publication statusPublished - 2011
Externally publishedYes
Event2011 World Congress on Information and Communication Technologies - Mumbai; India
Duration: 11 Dec 201114 Dec 2011

Conference

Conference2011 World Congress on Information and Communication Technologies
Abbreviated titleWICT 2011
Period11/12/1114/12/11

Fingerprint Dive into the research topics of 'Analysis and detection of P2P botnet connections based on node behaviour'. Together they form a unique fingerprint.

  • Cite this

    Rostami, M. R., Shanmugam, B., & Idris, N. B. (2011). Analysis and detection of P2P botnet connections based on node behaviour. In Proceedings of the 2011 World Congress on Information and Communication Technologies, WICT 2011 (pp. 928-933). [6141372] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/WICT.2011.6141372