1 option
2010 IEEE 30th IEEE International Conference on Distributed Computing Systems
- Format:
- Book
- Author/Creator:
- Institute of Electrical and Electronics Engineers (IEEE), author, issuing body.
- Language:
- English
- Subjects (All):
- Electronic data processing--Distributed processing--Congresses.
- Electronic data processing.
- Physical Description:
- 1 online resource : illustrations
- Place of Publication:
- [Place of publication not identified] IEEE 2010
- Language Note:
- English
- Summary:
- Peer-to-peer (P2P) substrates are now widely used for both file-sharing and botnet command-and-control. Despite the commonality of their substrates, we show that the different goals and circumstances of these applications give rise to behaviors that can be distinguished in network flow records. Using features related to traffic volume, "churn" among peers, and differences between human-driven and machine-driven traffic, we develop a technique for identifying P2P bots (the Plotters) and, in particular, separating them from file-sharing hosts (the Traders). Evaluations performed on traffic recorded at the edge of a university network show that we can achieve, e.g., 87.50% detection of Storm bots with a 0.47% false positive rate. We also demonstrate the significant extent to which Plotter behaviors would need to change to evade our technique.
- Notes:
- Bibliographic Level Mode of Issuance: Monograph
- ISBN:
- 9781424472628
- 1424472628
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.