Abstract
Botnets have become the tool of choice for conducting a number of online attacks, e.g., distributed denial of service (DDoS), malware distribution, email spamming, phishing, advertisement click fraud, and brute-force password attacks. Criminals conducting their craft online all share one common goal: not to get caught. Botnet design, as a result, has moved away from the traditional, more traceable and easily blocked client/server paradigm towards a decentralized Peer-to-Peer (P2P) based communication system. P2P Internet communication technologies lend themselves well to botnet propagation and control due to the level of anonymity they afford the botmaster. For the cybercrime investigator, identifying the perpetrator of these P2P controlled crimes has become significantly more difficult. This paper outlines the state-of-the-art in P2P botnet investigation.
Copyright information
© 2012 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Scanlon, M., Kechadi, T. (2012). Peer-to-Peer Botnet Investigation: A Review. In: Park, J., Leung, V., Wang, CL., Shon, T. (eds) Future Information Technology, Application, and Service. Lecture Notes in Electrical Engineering, vol 179. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5064-7_33
DOI: https://doi.org/10.1007/978-94-007-5064-7_33
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5063-0
Online ISBN: 978-94-007-5064-7
eBook Packages: Engineering, Engineering (R0)