Botnets: Lifecycle and Taxonomy

Hachem, Nabil; Mustapha, Yosra Ben; Granadillo, Gustavo Gonzalez; Debar, Hervé

doi:10.1109/sar-ssi.2011.5931395

Cited by 41 publications

(16 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similarly, from the matrix of equation (20), all the eigenvalues have negative value, it follows that the botnet-endemic equilibrium is locally asymptotically stable for all the value of I .…”

Section: Botnet-endemic Equilibrium Stability Statementioning

confidence: 91%

“…Although botnets vary in sizes, from large-scale botnets that comprise of up to thousands of bots to a small scale botnets that comprise of hundreds of bots. Irrespective of its size, botnets are purposely created to carry out malicious activities in computer networks [20]. Considering the emergence of IoT botnet that utilizes Mirai malware, it has successfully shown that it is capable of powering some of the most powerful DDoS attacks that have been seen so far on the internet [4].…”

Section: Iot Botnet Propagationmentioning

confidence: 99%

“…next is to substitute the values into equation 17and determine the Jaccobian of the matrix which can be expressed in equation (20).…”

Section: Botnet-endemic Equilibrium Stability Statementioning

confidence: 99%

See 2 more Smart Citations

Modelling and Mitigation Strategy of IoT Botnet Propagation

Ibrahim¹,

Abdullah²,

Abdullah³

et al. 2019

Preprint

View full text Add to dashboard Cite

Nodes in wireless sensor networks (WSN) are characterized particularly by their limited power and memory capabilities. Limited memory is an important parameter as it defines the size of the operating system and the processing code. As established previously, energy and memory efficiency is the most important evaluation factors of WSNs as they are directly related to data loss and network lifetime. However, based on our simulation results, memory efficiency determines the selection or abandon of nodes by the botmaster for the propagation of bots in an IoT infrastructure. Consequently, the node’s memory efficiency determined the spread of bots in the network and provides defense actors with an insight of the botmaster behavior for mitigation of the attack. Conventional botnet propagation and mitigation models did not consider the impact of node’s memory efficiency in the IoT platform. To address this gap, we build IoT-SIEF, a novel propagation model with forensic capability that will analyze command and control propagation behavior based on the perspective of the node’s memory efficiency. IoT-SIEF model used to explore the dynamics of propagation using numerical simulation with more than 50% outperform other models in mitigating the number of secondary bots. Consequently, it can serve as a basis for assisting the planning, design, and defense of such networks from the investigator's point of view.

show abstract

Section: Botnet-endemic Equilibrium Stability Statementioning

confidence: 91%

Section: Iot Botnet Propagationmentioning

confidence: 99%

See 1 more Smart Citation

Modelling and Mitigation Strategy of IoT Botnet Propagation

Ibrahim¹,

Abdullah²,

Abdullah³

et al. 2019

Preprint

View full text Add to dashboard Cite

show abstract

“…As computer and network security threats are becoming more sophisticated as described in [1] and the number of service dependencies is increasing, optimal response decision is becoming a challenging task for security administrators. Applying appropriate countermeasures and defense strategy implies the deployment of proper network security policy enforcement while taking into account service dependencies and their different interactions.…”

Section: Introductionmentioning

confidence: 99%

Service Dependencies-Aware Policy Enforcement Framework Based on Hierarchical Colored Petri Net

Mustapha¹,

Debar²

2013

Communications in Computer and Information Science

Self Cite

View full text Add to dashboard Cite

Abstract. As computer and network security threats become more sophisticated and the number of service dependencies is increasing, optimal response decision is becoming a challenging task for security administrators. They should deploy and implement proper network security policy enforcement mechanisms in order to apply the appropriate countermeasures and defense strategy.In this paper, we propose a novel modeling framework which considers the service dependencies while identifying and selecting the appropriate Policy Enforcement Points during an intrusion response process. First, we present the security implications of the service dependencies that have been developed in the literature. Second, we give an overview of Colored Petri Nets (CPN) and Hierarchical CPN (HCPN) and its application on network security. Third, we specify our Service Dependencies-aware Policy Enforcement Framework which is based on the application of HCPN. Finally and to illustrate the advantage of our approach, we present a webmail application use case with the integration of different Policy Enforcement Points.

show abstract

“…Recent threats are, moreover, boosted by a myriad of infected network resources interconnected and controlled by unknown parties [2]. Network researchers have dedicated significant resources without reaching a comprehensive method to protect from all known forms of threats and their illegal activities [3]. Existing solutions to address these threats are mostly based on defense strategies.…”

Section: Introductionmentioning

confidence: 99%

HADEGA: A novel MPLS-based mitigation solution to handle network attacks

Hachem

Debar

García-Alfaro

2012

2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC)

Self Cite

View full text Add to dashboard Cite

Abstract-We present HADEGA, a novel adaptive mitigation solution to handle the impact of network attacks. By extracting information from network detection alerts, and build upon the Multiprotocol Label Switching (MPLS) standard, the solution assigns labels and quality of service treatments to suspicious flows. As a result, those labeled flows are controlled and properly handled inside the core network of service providers. We conducted simulations in order to evaluate the efficiency of our approach. Results are presented.

show abstract

Botnets: Lifecycle and Taxonomy

Cited by 41 publications

References 2 publications

Modelling and Mitigation Strategy of IoT Botnet Propagation

Modelling and Mitigation Strategy of IoT Botnet Propagation

Service Dependencies-Aware Policy Enforcement Framework Based on Hierarchical Colored Petri Net

HADEGA: A novel MPLS-based mitigation solution to handle network attacks

Contact Info

Product

Resources

About