Document Type: BL
Record Number: 889483
Main Entry: Karuppayah, Shankar
Title & Author: Advanced monitoring in P2P botnets : a dual perspective / Shankar Karuppayah.
Publication Statement: Singapore : Springer, [2018]
Series Statement: Springer Briefs on cyber security systems and networks
Page No.: 1 online resource (xvii, 105 pages)
ISBN: 9789811090509
ISBN: 9811090505
ISBN: 9789811090493
ISBN: 9811090491
Bibliographies/Indexes: Includes bibliographical references.
Contents: Intro; Foreword; Preface; Acknowledgements; Contents; Acronyms; 1 Introduction; 1.1 Botnet Architectures; 1.1.1 Centralized Botnets; 1.1.2 Decentralized Botnets; 1.1.3 P2P Botnets; 1.2 P2P Botnet Monitoring; 1.3 Outline; References; 2 Requirements and State of the Art; 2.1 Requirements of a Botnet Monitoring Mechanism; 2.1.1 Functional Requirements; 2.1.2 Non-functional Requirements; 2.2 Formal Model for P2P Botnets; 2.3 Related Work on Botnet Monitoring; 2.3.1 Honeypots; 2.3.2 Crawlers; 2.3.3 Sensor Nodes; 2.4 Challenges in Botnet Monitoring; 2.4.1 The Dynamic Nature of P2P Botnets; 2.4.2 Noise from Unknown Third Party Monitoring Activities; 2.4.3 Anti-monitoring Mechanisms; 2.5 Summary; References; 3 The Anatomy of P2P Botnets; 3.1 Dissecting GameOver Zeus; 3.1.1 Bootstrapping Process; 3.1.2 Membership Maintenance Mechanism; 3.1.3 Blacklisting Mechanism; 3.2 Dissecting Sality; 3.2.1 Bootstrapping Process; 3.2.2 Membership Management Mechanism; 3.3 Dissecting ZeroAccess; 3.3.1 Bootstrapping Process; 3.3.2 Membership Management Mechanism; 3.4 Summary; References; 4 Crawling Botnets; 4.1 Circumventing Anti-crawling Mechanisms; 4.1.1 Restricted NL Reply Mechanism of GameOver Zeus; 4.1.2 Less Invasive Crawling Algorithm (LICA); 4.2 Advanced Anti-crawling Countermeasures; 4.2.1 Enhancing GameOver Zeus' NL Restriction Mechanism; 4.2.2 BoobyTrap: Detecting Persistent Crawlers; 4.3 Evaluation; 4.3.1 Evaluation of ZeusMilker; 4.3.2 Evaluation of the Less Invasive Crawling Algorithm (LICA); 4.3.3 Evaluation of the BoobyTrap Mechanism; 4.4 Summary; References; 5 Deployment of Sensor Nodes in Botnets; 5.1 Detecting Sensor Nodes in Botnets; 5.1.1 Introduction; 5.1.2 Local Clustering Coefficient (LCC); 5.1.3 SensorRanker; 5.1.4 SensorBuster; 5.2 Circumventing Sensor Detection Mechanisms; 5.2.1 Circumventing LCC; 5.2.2 Evading SensorRanker; 5.2.3 Evading SensorBuster; 5.3 Evaluation; 5.3.1 Datasets; 5.3.2 Experimental Setup; 5.3.3 Research Questions and Expectations; 5.3.4 Results; 5.4 Summary; References; 6 Conclusion and Outlook; 6.1 Conclusion; 6.2 Outlook.
Abstract: This book presents current research in the area of advanced monitoring in P2P botnets, and uses a dual-perspective approach to discuss aspects of botnet monitoring in-depth. First, from the perspective of a defender, e.g. researchers, it introduces advanced approaches to successfully monitor botnets, taking the presence of current botnet anti-monitoring mechanisms into consideration. Then, adopting a botmaster perspective to anticipate the advances in future botnets, it introduces advanced measures to detect and prevent monitoring activities. All the proposed methods were evaluated either using real-world data or in a simulation scenario. In addition to providing readers with an in-depth understanding of P2P botnets, the book also analyzes the implications of the various design choices of recent botnets for effectively monitoring them. It serves as an excellent introduction to new researchers and provides a useful review for specialists in the field.
Subject: Computer networks -- Access control.
Subject: Computer networks -- Security measures.
Subject: Malware (Computer software)
Subject: Peer-to-peer architecture (Computer networks)
Subject: Computer networks -- Access control.
Subject: Computer networks -- Security measures.
Subject: Computer security.
Subject: COMPUTERS -- Networking -- General.
Subject: Malware (Computer software)
Subject: Mathematical physics.
Subject: Network hardware.
Subject: Peer-to-peer architecture (Computer networks)
Dewey Classification: 005.8
LC Classification: TK5105.59.K37 2018