Abstract
Peer-to-peer (P2P) botnets are known to be highly resilient to takedown attempts. Such attempts are usually carried out by exploiting vulnerabilities in the bots communication protocol. However, a failed takedown attempt may alert botmasters and allow them to patch their vulnerabilities to thwart subsequent attempts. As a promising solution, takedowns could be evaluated in simulation environments before attempting them in the real world. To ensure such simulations are as realistic as possible, the churn behavior of botnets must be understood and measured accurately. This paper discusses potential pitfalls when measuring churn in live P2P botnets and proposes a botnet monitoring framework for uniform data collection and churn measurement for P2P botnets.
| Original language | English |
|---|---|
| Title of host publication | CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security |
| Number of pages | 3 |
| Publisher | Association for Computing Machinery |
| Publication date | 2019 |
| Pages | 2661-2663 |
| ISBN (Print) | 978-1-4503-6747-9 |
| DOIs | |
| Publication status | Published - 2019 |
| Event | Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security: CCS`19 - London, United Kingdom Duration: 11 Nov 2019 → 15 Nov 2019 |
Conference
| Conference | Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security |
|---|---|
| Country/Territory | United Kingdom |
| City | London |
| Period | 11/11/2019 → 15/11/2019 |
Keywords
- botnets
- churn
- P2P botnets