Fraunhofer-Gesellschaft

Publica

Here you will find scientific publications from the Fraunhofer Institutes.

SoK: P2PWNED - modeling and evaluating the resilience of peer-to-peer botnets

 
Authors: Rossow, C.; Andriesse, D.; Werner, T.; Stone-Gross, B.; Plohmann, D.; Dietrich, C.J.; Bos, H.


IEEE Computer Society; Institute of Electrical and Electronics Engineers -IEEE-:
IEEE Symposium on Security and Privacy, SP 2013. Proceedings : 19-22 May 2013, San Francisco, California
Los Alamitos, Calif.: IEEE Computer Society Conference Publishing Services (CPS), 2013
ISBN: 978-1-4673-6166-8 (Print)
ISBN: 978-0-7695-4977-4 (Online)
pp. 97-111
Symposium on Security and Privacy (SP) <34, 2013, San Francisco/Calif.>
English
Conference paper
Fraunhofer FKIE

Abstract
Centralized botnets are easy targets for takedown efforts by computer security researchers and law enforcement. Thus, botnet controllers have sought new ways to harden the infrastructures of their botnets. In order to meet this objective, some botnet operators have (re)designed their botnets to use Peer-to-Peer (P2P) infrastructures. Many P2P botnets are far more resilient to takedown attempts than centralized botnets, because they have no single points of failure. However, P2P botnets are subject to unique classes of attacks, such as node enumeration and poisoning. In this paper, we introduce a formal graph model to capture the intrinsic properties and fundamental vulnerabilities of P2P botnets. We apply our model to current P2P botnets to assess their resilience against attacks. We provide assessments on the sizes of all eleven active P2P botnets, showing that some P2P botnet families contain over a million bots. In addition, we have prototyped several mitigation strategies to measure the resilience of existing P2P botnets. We believe that the results from our analysis can be used to assist security researchers in evaluating mitigation strategies against current and future P2P botnets.

URL: http://publica.fraunhofer.de/dokumente/N-264430.html