Challenges of Accurately Measuring Churn in P2P Botnets

Leon Böck, Shankar Karuppayah, Kory Fong, Max Mühlhäuser, Emmanouil Vasilomanolakis

Research output: Contribution to book/anthology/report/conference proceedingArticle in proceedingResearchpeer-review

Abstract

Peer-to-peer (P2P) botnets are known to be highly resilient to takedown attempts. Such attempts are usually carried out by exploiting vulnerabilities in the bots communication protocol. However, a failed takedown attempt may alert botmasters and allow them to patch their vulnerabilities to thwart subsequent attempts. As a promising solution, takedowns could be evaluated in simulation environments before attempting them in the real world. To ensure such simulations are as realistic as possible, the churn behavior of botnets must be understood and measured accurately. This paper discusses potential pitfalls when measuring churn in live P2P botnets and proposes a botnet monitoring framework for uniform data collection and churn measurement for P2P botnets.
Original languageEnglish
Title of host publicationACM Conference on Computer and Communications Security (CCS)
Number of pages3
PublisherAssociation for Computing Machinery
Publication date2019
Pages2661-2663
ISBN (Print)978-1-4503-6747-9
DOIs
Publication statusPublished - 2019
EventProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security: CCS`19 - London, United Kingdom
Duration: 11 Nov 201915 Nov 2019

Conference

ConferenceProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
CountryUnited Kingdom
CityLondon
Period11/11/201915/11/2019

Fingerprint

Botnet
Network protocols
Monitoring

Keywords

  • botnets
  • churn
  • P2P botnets

Cite this

Böck, L., Karuppayah, S., Fong, K., Mühlhäuser, M., & Vasilomanolakis, E. (2019). Challenges of Accurately Measuring Churn in P2P Botnets. In ACM Conference on Computer and Communications Security (CCS) (pp. 2661-2663). Association for Computing Machinery. https://doi.org/10.1145/3319535.3363281
Böck, Leon ; Karuppayah, Shankar ; Fong, Kory ; Mühlhäuser, Max ; Vasilomanolakis, Emmanouil. / Challenges of Accurately Measuring Churn in P2P Botnets. ACM Conference on Computer and Communications Security (CCS). Association for Computing Machinery, 2019. pp. 2661-2663
@inproceedings{0f3a2b3a8ddc4853b065870db86db901,
title = "Challenges of Accurately Measuring Churn in P2P Botnets",
abstract = "Peer-to-peer (P2P) botnets are known to be highly resilient to takedown attempts. Such attempts are usually carried out by exploiting vulnerabilities in the bots communication protocol. However, a failed takedown attempt may alert botmasters and allow them to patch their vulnerabilities to thwart subsequent attempts. As a promising solution, takedowns could be evaluated in simulation environments before attempting them in the real world. To ensure such simulations are as realistic as possible, the churn behavior of botnets must be understood and measured accurately. This paper discusses potential pitfalls when measuring churn in live P2P botnets and proposes a botnet monitoring framework for uniform data collection and churn measurement for P2P botnets.",
keywords = "botnets, churn, P2P botnets",
author = "Leon B{\"o}ck and Shankar Karuppayah and Kory Fong and Max M{\"u}hlh{\"a}user and Emmanouil Vasilomanolakis",
year = "2019",
doi = "10.1145/3319535.3363281",
language = "English",
isbn = "978-1-4503-6747-9",
pages = "2661--2663",
booktitle = "ACM Conference on Computer and Communications Security (CCS)",
publisher = "Association for Computing Machinery",
address = "United States",

}

Böck, L, Karuppayah, S, Fong, K, Mühlhäuser, M & Vasilomanolakis, E 2019, Challenges of Accurately Measuring Churn in P2P Botnets. in ACM Conference on Computer and Communications Security (CCS). Association for Computing Machinery, pp. 2661-2663, Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London, United Kingdom, 11/11/2019. https://doi.org/10.1145/3319535.3363281

Challenges of Accurately Measuring Churn in P2P Botnets. / Böck, Leon; Karuppayah, Shankar ; Fong, Kory; Mühlhäuser, Max; Vasilomanolakis, Emmanouil.

ACM Conference on Computer and Communications Security (CCS). Association for Computing Machinery, 2019. p. 2661-2663.

Research output: Contribution to book/anthology/report/conference proceedingArticle in proceedingResearchpeer-review

TY - GEN

T1 - Challenges of Accurately Measuring Churn in P2P Botnets

AU - Böck, Leon

AU - Karuppayah, Shankar

AU - Fong, Kory

AU - Mühlhäuser, Max

AU - Vasilomanolakis, Emmanouil

PY - 2019

Y1 - 2019

N2 - Peer-to-peer (P2P) botnets are known to be highly resilient to takedown attempts. Such attempts are usually carried out by exploiting vulnerabilities in the bots communication protocol. However, a failed takedown attempt may alert botmasters and allow them to patch their vulnerabilities to thwart subsequent attempts. As a promising solution, takedowns could be evaluated in simulation environments before attempting them in the real world. To ensure such simulations are as realistic as possible, the churn behavior of botnets must be understood and measured accurately. This paper discusses potential pitfalls when measuring churn in live P2P botnets and proposes a botnet monitoring framework for uniform data collection and churn measurement for P2P botnets.

AB - Peer-to-peer (P2P) botnets are known to be highly resilient to takedown attempts. Such attempts are usually carried out by exploiting vulnerabilities in the bots communication protocol. However, a failed takedown attempt may alert botmasters and allow them to patch their vulnerabilities to thwart subsequent attempts. As a promising solution, takedowns could be evaluated in simulation environments before attempting them in the real world. To ensure such simulations are as realistic as possible, the churn behavior of botnets must be understood and measured accurately. This paper discusses potential pitfalls when measuring churn in live P2P botnets and proposes a botnet monitoring framework for uniform data collection and churn measurement for P2P botnets.

KW - botnets

KW - churn

KW - P2P botnets

U2 - 10.1145/3319535.3363281

DO - 10.1145/3319535.3363281

M3 - Article in proceeding

SN - 978-1-4503-6747-9

SP - 2661

EP - 2663

BT - ACM Conference on Computer and Communications Security (CCS)

PB - Association for Computing Machinery

ER -

Böck L, Karuppayah S, Fong K, Mühlhäuser M, Vasilomanolakis E. Challenges of Accurately Measuring Churn in P2P Botnets. In ACM Conference on Computer and Communications Security (CCS). Association for Computing Machinery. 2019. p. 2661-2663 https://doi.org/10.1145/3319535.3363281