Friday Seminar: “Advanced Monitoring in P2P Botnets”

This week Friday Seminar will be delivered by Dr. Shankar who recently conferred Doctorate by Technische Universität Darmstadt, Germany. He is going to present his PhD work titled Advanced Monitoring in P2P Botnets.

Those who are interested, feel free to join this Friday seminar on 1st July 2016 10.30 am at NAv6 Meeting Room, Level 6 of School of Computer Sciences and School of Mathematics Building. The seminar is open to all.

Abstract

Botnets are increasingly being held responsible for most of the cybercrimes that occur nowadays. They are used to carry out malicious activities like banking credential theft and Distributed Denial of Service (DDoS) attacks to generate profit for their owner, the botmaster. Traditional botnets utilized centralized and decentralized Command-and-Control Servers (C2s). However, recent botnets have been observed to prefer P2P-based architectures to overcome some of the drawbacks of the earlier architectures.

A P2P architecture allows botnets to become more resilient and robust against random node failures and targeted attacks. However, the distributed nature of such botnets requires the defenders, i.e., researchers and law enforcement agencies, to use specialized tools such as crawlers and sensor nodes to monitor them. In return to such monitoring, botmasters have introduced various countermeasures to impede botnet monitoring, e.g., automated blacklisting mechanisms. The presence of anti-monitoring mechanisms not only render any gathered monitoring data to be inaccurate or incomplete, it may also adversely affect the success rate of botnet takedown attempts that rely upon such data. Most of the existing monitoring mechanisms identified from the related works only attempt to tolerate anti-monitoring mechanisms as much as possible, e.g., crawling bots with lower frequency. However, this might also introduce noise into the gathered data, e.g., due to the longer delay for crawling the botnet. This in turn may also reduce the quality of the data.

This talk presents some of the key contribution of his PhD thesis that addresses major issues associated with monitoring in P2P botnets as described above.

Please feel free to join in this session to understand more about monitoring P2P botnets and to discuss potential research collaborations.

 

Comments are closed