微信服务号

微信订阅号

2025-5-14- 13
Home > Archive>Volume 23, Issue 12, 2012 >3161-3174. DOI:10.3724/SP.J.1001.2012.04186
PDF HTML XML Export Cite reminder
Propagation Modeling for P2P Botnet in Structured P2P Network
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [22]
    • |
  • Related [20]
    • | | |
  • Comments
    Abstract:

    Depending on the structured peer-to-peer networks, the P2P botnets are the main threats of the Internet in the future. In this paper, a formal mathematical P2P botnet propagation model is built based on a deep analysis of two typical structured P2P protocols, Chord and Kademlia. This model, it integrates different factors, such as structured P2P protocols, two-factor immunizations, and host online rates to describe the structured P2P botnet propagation mechanisms comprehensively. Meanwhile, in order to evaluate the model effectiveness, simulate the P2P botnets propagation, the difference between the theoretical model and the simulation is used to verify the model efficiency. The experiments prove the correctness of the theoretical model also verify the different influences of structured P2P protocols, immunization mechanisms, and the host online rates on P2P botnet propagation. Moreover, through simulating P2P network with millions of nodes, it can be shown that the propagation model is correct and valid in large scale network, which provides a theoretical basis for botnet detection and prevention.

    Reference
    [1] Wang P, Wu L, Aslam B, Zou CC. A systematic study on peer-to-peer botnets. In: Byrav R, ed. Proc. of the 18th Int'l Conf. onComputer Communications and Networks (ICCCN 2009). San Francisco: IEEE Press, 2009. 1-8. [doi: 10.1109/ICCCN.2009.5235360]
    [2] Zou CC, Gong WB, Towsley D. Code red worm propagation modeling and analysis. In: Atluri V, ed. Proc. of the 9th ACM Conf.on Computer and Communications Security (CCS 2002). New York: ACM Press, 2002. 138-147. [doi: 10.1145/586110.586130]
    [3] Kim D, Radhakrishnan S, Dhall SK. Measurement and analysis of worm propagation on Internet network topology. In: Ronald PL,ed. Proc. of the Int'l Conf. on Computer Communications and Networks (ICCCN 2004). Chicago: IEEE Press, 2004. 495-500. [doi:10.1109/ICCCN.2004.1401716]
    [4] Zou CC, Gong WB, Towsley D. Worm propagation modeling and analysis under dynamic quarantine defense. In: Staniford S, ed.Proc. of the ACM CCS Workshop on Rapid Malcode (WORM 2003). New York: ACM Press, 2003. 51-60. [doi: 10.1145/948187.948197]
    [5] Li H, Zheng Q, Pan XH, Zhang XS. Propagation model of non-scanning active worm in unstructured P2P network. In: Lina W, ed.Proc. of the 2009 Int'l Conf. on Multimedia Information Networking and Security (NINES 2009). IEEE Press, 2009. 378-381. [doi:10.1109/MINES.2009.109]
    [6] Yu W, Chellappan S, Wang X, Xuan D. Peer-to-Peer system-based active worm attacks: Modeling, analysis and defense. ComputerCommunications, 2008,31(17):4005-4017. [doi: 10.1016/j.comcom.2008.08.008]
    [7] Luo XR, Yao Y, Gao FX. Research of a potential worm propagation model based on pure P2P principle. Journal ofCommunications, 2006,27(11A):53-58 (in Chinese with English abstract).
    [8] Zhang XS, Chen T, Zheng J, Li H. Active worm propagation modeling in unstructured P2P network. In: Yu F, ed. Proc. of the 2ndInt'l Symp. on Computer Science and Computational Technology (ISCSCT 2009). Huangshan: Academy Publisher, 2009. 035-038.
    [9] Feng CS, Qin ZG, Laurence C, Laurissa T. Reactive worms propagation modeling and analysis in peer-to-peer networks. Journal ofComputer Research and Development, 2010,47(3):500-507 (in Chinese with English abstract).
    [10] Zhang XS, Chen T, Zheng J, Li H. Proactive worm propagation modeling and analysis in unstructured peer-to-peer networks.Journal of Zhejiang University—Science C (Computer & Electronics), 2010,11(2):119-129.
    [11] Grizzard JB, Sharma V, Nunnery C. Peer-to-Peer botnets: Overview and case study. In: Niels P, ed. Proc. of the 1st Workshop onHot Topics in Understanding Botnets. Cambridge: USENIX Association Berkeley Publisher, 2007. 1-8.
    [12] Dagon D, Zou C, Lee W. Modeling botnet propagation using time zone. In: Eric H, ed. Proc. of the 13th Annual Network andDistributed System Security Symp. (NDSS 2006). San Diego: The Internet Society Press, 2006. 1-15.
    [13] Holz T, Steiner M, Dahl F, Biersack E, Freiling F. Measurement and mitigation of peer-to-peer-based botnets: A case study onstorm worm. In: Fabian M, ed. Proc. of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET 2008). SanFrancisco: USENIX Association Berkeley Publisher, 2008. 1-9.
    [14] Yu W, Chellappan S, Wang X, Xuan D. Peer-to-Peer system-based active worm attacks: Modeling and analysis. ComputerCommunications, 2008,31(17):4005-4017. [doi: 10.1016/j.comcom.2008.08.008]
    [15] Xia CH, Shi YP, Li XJ. Research on epidemic models of P2P worm in structured peer-to-peer networks. Chinese Journal ofComputers, 2006,29(6):952-959 (in Chinese with English abstract).
    [16] Wen WP, Qing SH, Jiang JC, Wang YJ. Research and development of Internet worms. Journal of Software, 2004,15(8):1208-1219(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/15/1208.htm
    [17] 杨峰,段海新,李星.网络蠕虫扩散中蠕虫和良性蠕虫交互过程建模与分析.中国科学(E 辑),2004,34(8):841-856.
    [18] Gao CX, Zhang FY, Xin Y, Niu XX, Yang YX. Research on worm's propagation and defense model in different P2P networks.Journal of Beijing University of Posts and Telecommunications, 2006,29(z2):49-53 (in Chinese with English abstract).
    [19] Wu CJ, Zhou SJ, Xiao CJ, Wu Y. Simulation of epidemic of P2P worms in BitTorrent networks. Journal of University of ElectronicScience and Technology of China, 2007,36(6):1206-1210 (in Chinese with English abstract).
    [20] Maymounkov P, Mazieres D. Kademlia: A peer to peer information systems based on the XOR metric. In: Peter D, ed. Proc. of the1st Int'l Workshop on Peer-to-Peer Systems (IPTPS 2002). Cambridge: Springer-Verlag, 2002. 53-65.
    [21] Stoica I, Morris R, Karger D, Kaashoek MF, Balakrishnan H. Chord: A scalable peer-to-peer lookup service for internetapplications. In: Rene C, ed. Proc. of the 2001 Conf.on Applications, Technologies, Architectures, and Protocols for ComputerCommunications (SIGCOMM 2001). New York: ACM Press, 2001. 149-160. [doi: 10.1145/383059.383071]
    [22] Montresor A, Jelasity M. PeerSim: A scalable P2P simulator. In: Henning S, ed. Proc. of the 9th Int'l Conf. on Peer-to-PeerComputing (P2P 2009). Seattle: IEEE Computer Society Press, 2009. 99-100. http://peersim.sourceforge.net/ [doi: 10.1109/P2P.2009.5284506]
    Cited by
    Comments
    Comments
    分享到微博
    Submit
Get Citation

钱权,萧超杰,张瑞.结构化对等网络中P2P 僵尸网络传播模型.软件学报,2012,23(12):3161-3174

Copy
Share
Article Metrics
  • Abstract:3830
  • PDF: 6311
  • HTML: 0
  • Cited by: 0
History
  • Received:March 07,2011
  • Revised:December 31,2011
  • Online: December 05,2012
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2044391Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063