Journal ArticleDOI

Dynamic game model of botnet DDoS attack and defense

TLDR
A novel game theory-based model is proposed to describe the scenario in which the botmaster launches Distributed Denial of Service attacks using a botnet while the defender, equipped with a firewall, defends. The model is helpful for evaluating the defender's ability to defend against current botmaster attacks by analyzing attack logs in a sandbox.
Abstract
Botnets have become a popular technique for committing Internet crimes. Commanding a botnet has evolved into a major way for attackers to launch Distributed Denial of Service attacks on network servers. Model-based analysis methods need to be studied for botnet attack implementation, defense, and prediction. In this paper, we propose a novel game theory-based model to describe the scenario in which the botmaster launches Distributed Denial of Service attacks using a botnet while the defender, equipped with a firewall, defends. In our model, we consider the following: firstly, the botmaster and the defender can be rational or irrational; secondly, the interaction between the botmaster and the defender is modeled as a dynamic game; thirdly, whether or not they support self-learning databases. We detail the analysis of eight sub-scenarios for these assumptions and give an easy-to-use algorithm for adjusting offensive and defensive strategy. We use OPNET to validate our model and its effectiveness. The experimental results show that our strategy can improve the firewall's ability to lower the false alarm rate FR and help the botmaster lower the exposure rate of the botnet to avoid detection. Furthermore, the model is helpful for evaluating the defender's ability to defend against current botmaster attacks by analyzing attack logs in a sandbox. Copyright © 2016 John Wiley & Sons, Ltd.

Citations
Proceedings ArticleDOI

An Analysis of Botnet Models

TL;DR: This paper will examine existing botnet models and their role in improving mitigation and models have been constructed for simulation and analysis.
Journal ArticleDOI

Research on Detection and Defense Mechanisms of DoS Attacks Based on BP Neural Network and Game Theory

TL;DR: The BP neural network DoS attack detection model uses KDDCUP99 as the dataset and selects multiple feature vectors from the dataset that can efficiently identify DoS attacks through large-scale training, which improves the accuracy of detecting DoS attacks to 99.977%.
Journal ArticleDOI

The evolution of IoT Malwares, from 2008 to 2019: Survey, taxonomy, process simulator and perspectives

TL;DR: A survey of the evolution of the IoT malware compares the characteristic features of 28 of the most widespread IoT malware programs of the last decade and proposes a novel methodology for classifying malware based on its behavioral features.

ISPs and Ad Networks Against Botnet Ad Fraud

TL;DR: In this paper, NCCR-MICS SecuSecu is used to describe the MICS Reference EPFL-ARTICLE-165675, which is used in this paper.
References
Journal ArticleDOI

Incentive-based modeling and inference of attacker intent, objectives, and strategies

TL;DR: A general incentive-based method to model AIOS and a game-theoretic approach to inferring AIOS are presented which can capture the inherent interdependency between AIOS and defender objectives and strategies in such a way that AIOS can be automatically inferred.
Journal ArticleDOI

Identifying botnets by capturing group activities in DNS traffic

TL;DR: The proposed mechanism, referred to as BotGAD (botnet group activity detector), needs only a small amount of data from DNS traffic to detect botnets, not all network traffic content or known signatures, and is shown to detect botnets automatically while providing real-time monitoring in large-scale networks.
Journal ArticleDOI

A fuzzy pattern-based filtering algorithm for botnet detection

TL;DR: A behavior-based botnet detection system based on fuzzy pattern recognition techniques that can reduce more than 70% input raw packet traces and achieve a high detection rate, and the proposed FPRF algorithm is resource-efficient and can identify inactive botnets to indicate potential vulnerable hosts.
Proceedings ArticleDOI

On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

TL;DR: This work models the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: one single attacking node for Denial of Service (DoS) and multiple attacking nodes for Distributed DoS (DDoS).
Proceedings ArticleDOI

Towards a bayesian network game framework for evaluating DDoS attacks and defense

TL;DR: A non-standard game-theoretic framework that facilitates evaluation of DDoS attacks and defense is proposed, and it is demonstrated that this framework sheds light on the interplay between the decision making of both the attacker and the defender as well as how they affect the outcomes of DDoS attack and defense games.