Loading [a11y]/accessibility-menu.js
Disrupting stealthy botnets through strategic placement of detectors | IEEE Conference Publication | IEEE Xplore

Disrupting stealthy botnets through strategic placement of detectors


Abstract:

In recent years, botnets have gained significant attention due to their extensive use in various kinds of criminal or otherwise unauthorized activities. Botnets have beco...Show More

Abstract:

In recent years, botnets have gained significant attention due to their extensive use in various kinds of criminal or otherwise unauthorized activities. Botnets have become increasingly sophisticated, and studies have shown that they can significantly reduce their footprint and increase their dwell time. Therefore, modern botnets can operate in stealth mode and evade detection for extended periods of time. In order to address this problem, we propose a proactive approach to strategically deploy detectors on selected network nodes, so as to either completely disrupt communication between bots and command and control nodes, or at least force the attacker to create more bots, therefore increasing the footprint of the botnet and the likelihood of detection. As the detector placement problem is intractable, we propose heuristics based on several centrality measures. Simulations results confirm that our approach can effectively increase complexity for the attacker.
Date of Conference: 28-30 September 2015
Date Added to IEEE Xplore: 07 December 2015
Electronic ISBN:978-1-4673-7876-5
Conference Location: Florence, Italy

References

References is not available for this document.