DSpace Repository

PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations

dc.contributor.author Narang, Pratik
dc.date.accessioned 2023-01-09T04:12:33Z
dc.date.available 2023-01-09T04:12:33Z
dc.date.issued 2014
dc.identifier.uri https://ieeexplore.ieee.org/abstract/document/6957293
dc.identifier.uri http://dspace.bits-pilani.ac.in:8080/xmlui/handle/123456789/8379
dc.description.abstract The decentralized nature of Peer-to-Peer (P2P) botnets makes them difficult to detect. Their distributed nature also exhibits resilience against take-down attempts. Moreover, smarter bots are stealthy in their communication patterns, and elude the standard discovery techniques which look for anomalous network or communication behavior. In this paper, we propose PeerShark, a novel methodology to detect P2P botnet traffic and differentiate it from benign P2P traffic in a network. Instead of the traditional 5-tuple 'flow-based' detection approach, we use a 2-tuple 'conversation-based' approach which is port-oblivious, protocol-oblivious and does not require Deep Packet Inspection. PeerShark could also classify different P2P applications with an accuracy of more than 95%. en_US
dc.language.iso en en_US
dc.publisher IEEE en_US
dc.subject Computer Science en_US
dc.subject Peer-to-peer en_US
dc.subject Botnet en_US
dc.subject Machine Learning en_US
dc.title PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations en_US
dc.type Article en_US


Files in this item

There are no files associated with this item.
