Enhanced P2P botnets detection framework architecture with hybrid analyzer: Host-based and network-based

Botnets are today the most advanced form of cybercrime and a powerful threat to Internet infrastructure, putting the stability and security of the Internet at risk. Millions of computers have been hijacked and infected by botnets, especially during periods of peak activity. P2P botnets exploit users and take over P2P technology, which makes them harder to detect and terminate. Because the dramatic evolution of P2P botnets has brought these issues to the fore, this paper addresses the current problems that P2P botnets pose to users and recommends improvements. The paper concentrates on proposing a P2P botnet detection framework. An in-depth analysis of P2P botnets has also been conducted to understand and cope with their behaviors and characteristics. A new improvement is introduced in the proposed botnet detection framework architecture to improve the effectiveness of P2P detection analysis. The framework architecture is structured around a hybrid analyzer that combines host-based and network-based analysis. In this respect, the research proposes a new enhancement to the framework architecture, reinforced by a hybrid detection technique, to improve the effectiveness and efficiency of P2P botnet detection.
