IJEM Vol. 2, No. 1, 29 Feb. 2012
Cover page and Table of Contents: PDF (size: 132KB)
Full Text (PDF, 132KB), PP.22-26
Views: 0 Downloads: 0
Intrusion, P2P botnet, successful connection rate, flow, average packet, clustering
Through the research on the mechanism of the P2P botnet, this paper proposes a algorithm of intrusion detection by P2P botnet based on the analysis of successful connection rate. According to the flow, it gets a data collection including three vectors, such as source IP, destination IP and package size, does dynamic analysis of the successful connection rate and average packet. Through the comparison with the methods between the traditional network and normal P2P,this paper provides intuitive figures in which we could locate the position of intrusion by P2P botnet accurately, therefore the algorithm could provide the gist for detecting the intrusion in time.
LIU Jian-bo,"The Detection of Intrusion Through P2P Botnet Based on the Analysis of Successful Connection Rate and Average Packet", IJEM, vol.2, no.1, pp.22-26, 2012. DOI: 10.5815/ijem.2012.01.04
[1] ZHANG Chen, WANG Liang, XIONG Wen-zhu. Technologies of P2P Botnet detection [J]. Journal of Computer Applications, 2010.30(6):117-118.
[2] WANG Tao,YU Shun-zheng. NovelM ethod for Detecting Centralized Botnet [J]. Journal ofChinese ComputerSystems, 2010.31(3):512-514.
[3] Zhang Xi Tang Heping. Study on Botnet Based on P2P [J]. Computer & Digital Engineering.2009.37(2):94-95
[4] YU Xiaocong,DONG Xiaomei1,YU Ge et al. Online Botnet Detection Technique [J].JGeomatics and Information Science of Wuhan University.2010.35(5):579-580.
[5] Karasaridis A, Rexroad B, Hoeflin D. Wide-scaleBotnet Detection and Characterization[C]. The 1stWorkshop on Hot Topics in UnderstandingBotnets,Cambridge,2007.
[6] AnagnostakisK G, Sidiroglou S, Akritidis P, et a.l Detecting tar-geted attacks using shadow honeypots[C]. In Proceedings of14thUSENIX Security Symposium, August2005,142-144.
[7] Wang P, Sparks S, Zou CC. An Advanced HybridPeer-to-Peer Botnet[C]. Proc. of the 1st Workshop on HotTopics in Understanding Botnets (HotBots 2007), Boston,2007
[8] ZHOU LINGYUN. VMM-based framework for P2P Botnets tracking and detection[C]//Proceedings of the 2009 International Confercence on Information Technology and Computer Science. Washing-ton, DC:IEEE Computer Society, 2009:174-175.