Discrete-Event Simulation of Botnet Protection Mechanisms

The widespread use of Internet-connected computers, combined with an insufficient level of security, allows malefactors to execute large-scale infrastructure attacks that engage a huge number of computing nodes in criminal activity. Attacks of this type have traditionally been performed by botnets. There are examples of successful large-scale attacks carried out by armies of bots. For example, distributed denial of service (DDoS) attacks aimed at government websites of Estonia in 2007 and Georgia in 2008 left these sites practically inaccessible for several days. In 2009 and 2010, the spying botnets “GhostNet” and “Shadow Network” appeared in many countries around the world.
