Statistical Assessment of Peer-to-Peer Botnet Features
Date
2013-04-17
Authors
Godkin, Teghan
Abstract
Botnets are collections of compromised machines which are controlled by a remotely located adversary. Botnets are of significant interest to cybersecurity researchers as they are a core mechanism that allows adversarial groups to gain control over large-scale computing resources. Recent botnets have become increasingly complex, relying on Peer-to-Peer (P2P) protocols for botnet command and control (C&C). In this work, a packet-level simulation of a Kademlia-based P2P botnet is used in conjunction with a statistical analysis framework to investigate how measured botnet features change over time and across an ensemble of simulations. The simulation results include non-stationary and non-ergodic behaviours illustrating the complex nature of botnet operation and highlighting the need for rigorous statistical analysis as part of the engineering process.
Keywords
botnets, machines, cybersecurity, statistical analysis