An Overview of the Botnet Simulation Framework

Leon Böck, Shankar Karuppayah, Max Mühlhäuser, Emmanouil Vasilomanolakis

Research output: Contribution to journal, Conference article in Journal, Research, peer-review


Abstract

Conducting research on botnets is oftentimes limited to the analysis of active botnets. This prevents researchers from testing detection and tracking mechanisms on potential future threats. Specifically, in the domain of P2P botnets, the protocol specifics, network churn and anti-tracking mechanisms greatly impact the success or failure of monitoring operations. Moreover, experiments on real-world botnets commonly lack ground truth to verify the findings. As developing and deploying botnets of sufficient size is accompanied by large costs and administration efforts, this paper attempts to address this issue by introducing a simulation framework for P2P botnets called Botnet Simulation Framework (BSF). BSF can simulate monitoring operations in botnets of more than 20.000 bots to evaluate tracking mechanisms or simulate takedown efforts. Moreover, communication traces can be exported to inject traffic into arbitrary PCAP files for training and evaluation of intrusion detection systems.
Original language: English
Journal: The Journal on Cybercrime & Digital Investigations
Volume: 6
Issue number: 1
Pages (from-to): 1-10
Number of pages: 10
ISSN: 2494-2715
Publication status: Published - 6 Dec 2020
Event: Botconf 2020 - Online Webinar, Nantes, France
Duration: 1 Dec 2020 to 4 Dec 2020

Conference

Conference: Botconf 2020
Location: Online Webinar
Country/Territory: France
City: Nantes
Period: 01/12/2020 to 04/12/2020

Keywords

  • botnets
  • P2P botnets
