Author(s):
Bo Liu, School of Computer, National University of Defense and Technology, Changsha, China
Ming Liu, Jiujiang Vocational and Technical College, Jiujiang, China
Tian-zuo Wang, School of Computer, National University of Defense and Technology, Changsha, China
Jing Zhang, School of Computer, National University of Defense and Technology, Changsha, China
Abstract:
Nowadays, botnets, especially P2P botnets that adopt distributed command-and-control infrastructures, have become one of the most serious threats to network security. Based on a review of the evolution of P2P botnets, the paper analyzed in depth how Storm, a representative P2P botnet, used the publish/subscribe mechanism supported by the P2P protocol Overnet to build its command-and-control channel covertly. Furthermore, starting from Storm's main defect, namely that the search behavior of its participants is predictable, defense approaches that explored the feasibility of Sybil attacks were studied as detection and mitigation strategies against Storm-like P2P botnets.