DocumentCode
2130195
Title
P2P Botnets detection based on user behavior sociality and traffic entropy function
Author
Zhigang, Jin ; Ying, Wang ; Bo, Wei
Author_Institution
Sch. of Electron. Inf. Eng., Tianjin Univ., Tianjin, China
fYear
2012
fDate
21-23 April 2012
Firstpage
1953
Lastpage
1955
Abstract
Monitoring data of recent years from Symantec Company shows that the Botnet is becoming the base of all network crime. As P2P is being more widely used these days, some new Bots use P2P protocols to construct their command and control systems. This paper introduces Botnet detection methods, studies the detection mechanism for P2P Botnets based on user behavior, and proposes a new case to identify P2P Botnets. To test and verify the function of the method we provide, a simple experiment platform is designed and implemented.
Keywords
command and control systems; computer network security; data mining; entropy; human computer interaction; peer-to-peer computing; protocols; telecommunication traffic; P2P botnets detection; P2P protocols; Symantec Company; command-and-control system; data mining; data monitoring; function testing; function verification; network crime; social network analysis; traffic entropy function; user behavior sociality; Command and control systems; Communities; Entropy; IP networks; Peer to peer computing; Servers; Social network services; Botnet; Entropy; P2P; Sociality Analysis;
fLanguage
English
Publisher
ieee
Conference_Titel
Consumer Electronics, Communications and Networks (CECNet), 2012 2nd International Conference on
Conference_Location
Yichang
Print_ISBN
978-1-4577-1414-6
Type
conf
DOI
10.1109/CECNet.2012.6202113
Filename
6202113