Please use this identifier to cite or link to this item:
http://dspace.bits-pilani.ac.in:8080/jspui/xmlui/handle/123456789/8379| Title: | PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations |
| Authors: | Narang, Pratik |
| Keywords: | Computer Science Peer-to-peer Botnet Machine Learning |
| Issue Date: | 2014 |
| Publisher: | IEEE |
| Abstract: | The decentralized nature of Peer-to-Peer (P2P) botnets makes them difficult to detect. Their distributed nature also exhibits resilience against take-down attempts. Moreover, smarter bots are stealthy in their communication patterns, and elude the standard discovery techniques which look for anomalous network or communication behavior. In this paper, we propose Peer Shark, a novel methodology to detect P2P botnet traffic and differentiate it from benign P2P traffic in a network. Instead of the traditional 5-tuple 'flow-based' detection approach, we use a 2-tuple 'conversation-based' approach which is port-oblivious, protocol-oblivious and does not require Deep Packet Inspection. Peer Shark could also classify different P2P applications with an accuracy of more than 95%. |
| URI: | https://ieeexplore.ieee.org/abstract/document/6957293 http://dspace.bits-pilani.ac.in:8080/xmlui/handle/123456789/8379 |
| Appears in Collections: | Department of Computer Science and Information Systems |
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.