short-paper

A statistical approach to botnet virulence estimation

Authors:

Julian Rrushi,

Ehsan Mokhtari,

Ali A. GhorbaniAuthors Info & Claims

ASIACCS '11: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

Pages 508 - 512

https://doi.org/10.1145/1966913.1966988

Published: 22 March 2011 Publication History

Get Access

Abstract

Network vulnerability and infection rates are key factors in mathematical models of botnet propagation dynamics, which in turn are increasingly deemed to have potential for playing an important role in various botnet mitigation strategies. In this paper we discuss research that draws on epidemiological models in biology in order to solve the problem of how to estimate network vulnerability and infection rates in relation to a botnet. This research provides botnet propagation models with concrete measures that make those models practical, and hence employable in mitigation of real world botnets in a timely fashion. The proposed estimation approach is based on random sampling and follows a novel application of statistical learning and inference in a botnet-versus-network setting. We have implemented this research in the Matlab programming language, and thus in the paper we also discuss an experimental validation of the effectiveness of this research with respect to realistically simulated botnet propagation dynamics in a GTNetS network simulation platform.

References

[1]

G. K. Bhattacharyya, M. G. Karandinos, and G. R. DeFoliart. Point estimates and confidence intervals for infection rates using pooled organisms in epidemiologic studies. American Journal of Epidemiology, 109(2):124--131, 1979.

Crossref

Google Scholar

[2]

C. L. Chiang and W. C. Reeves. Statistical estimation of virus infection rates in mosquito vector populations. American Journal of Hygiene, 75:377--391, May 1962.

Google Scholar

[3]

Y.-H. Choi, L. Li, P. Liu, and G. Kesidis. Worm virulence estimation for the containment of local worm outbreak. Computers & Security, 29(1):104--123, February 2010.

Digital Library

Google Scholar

[4]

G. F. Riley, M. I. Sharif, and W. Lee. Simulating Internet worms. In Proceedings of the 12th International Workshop on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems, pages 268--274, Vollendam, Netherlands, October 2004.

Digital Library

Google Scholar

[5]

K. H. Thompson. Estimation of the proportion of vectors in a natural population of insects. Biometrics, 18(4):568--578, December 1962.

Crossref

Google Scholar

[6]

S. D. Walter, S. W. Hildreth, and B. J. Beaty. Estimation of infection rates in populations of organisms using pools of variable size. American Journal of Epidemiology, 112(1):124--128, July 1980.

Crossref

Google Scholar

[7]

P. Wang, S. Sparks, and C. C. Zou. An advanced hybrid peer-to-peer botnet. IEEE Transactions on Dependable and Secure Computing, 7(2):113--127, April-June 2010.

Digital Library

Google Scholar

Cited By

View all

Louz ERais JAit Barka ANadem SBarakat A(2022)Geological heritage of the Taguelft syncline (M'Goun Geopark): Inventory, assessment, and promotion for geotourism development (Central High Atlas, Morocco)International Journal of Geoheritage and Parks10.1016/j.ijgeop.2022.04.00210:2(218-239)Online publication date: Jun-2022
https://doi.org/10.1016/j.ijgeop.2022.04.002
Rrushi JGhorbani A(2013)A mathematical exploitation of simulated uniform scanning botnet propagation dynamics for early stage detection and managementJournal of Computer Virology and Hacking Techniques10.1007/s11416-013-0190-710:1(29-51)Online publication date: 27-Aug-2013
https://doi.org/10.1007/s11416-013-0190-7
Khosroshahy MAli MDongyu Qiu (2012)Scomf and SComI botnet models: The cases of initial unhindered botnet expansion2012 25th IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)10.1109/CCECE.2012.6334871(1-5)Online publication date: Apr-2012
https://doi.org/10.1109/CCECE.2012.6334871

Index Terms

A statistical approach to botnet virulence estimation
1. Security and privacy
  1. Network security

Recommendations

Estimating botnet virulence within mathematical models of botnet propagation dynamics

Mathematical models of botnet propagation dynamics are increasingly deemed to have potential for significant contribution to botnet mitigation. Botnet virulence, which comprises network vulnerability rate and network infection rate, is a key factor in ...
Worm virulence estimation for the containment of local worm outbreak

A worm-infected host scanning globally may not cause any new infection in its underlying local network before it is detected and quarantined by a worm detector. To defend this type of scanning hosts, a number of worm scanner detection methods such as ...
Your botnet is my botnet: analysis of a botnet takeover
CCS '09: Proceedings of the 16th ACM conference on Computer and communications security

Botnets, networks of malware-infected machines that are controlled by an adversary, are the root cause of a large number of security problems on the Internet. A particularly sophisticated and insidious type of bot is Torpig, a malware program that is ...

Comments

Information & Contributors

Information

Published In

ASIACCS '11: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

March 2011

527 pages

ISBN:9781450305648

DOI:10.1145/1966913

General Chairs:
Bruce Cheung
The University of Hong Kong, China
,
Lucas Chi Kwong Hui
The University of Hong Kong, China
,
Program Chairs:
Ravi Sandhu
University of Texas, San Antonio
,
Duncan S. Wong
City University of Hong Kong, China

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 March 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

ASIA CCS '11

Sponsor:

SIGSAC

ASIA CCS '11: 6th ACM Symposium on Information, Compuer and Communications Security

March 22 - 24, 2011

Hong Kong, China

Acceptance Rates

ASIACCS '11 Paper Acceptance Rate 35 of 217 submissions, 16%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
269
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Louz ERais JAit Barka ANadem SBarakat A(2022)Geological heritage of the Taguelft syncline (M'Goun Geopark): Inventory, assessment, and promotion for geotourism development (Central High Atlas, Morocco)International Journal of Geoheritage and Parks10.1016/j.ijgeop.2022.04.00210:2(218-239)Online publication date: Jun-2022
https://doi.org/10.1016/j.ijgeop.2022.04.002
Rrushi JGhorbani A(2013)A mathematical exploitation of simulated uniform scanning botnet propagation dynamics for early stage detection and managementJournal of Computer Virology and Hacking Techniques10.1007/s11416-013-0190-710:1(29-51)Online publication date: 27-Aug-2013
https://doi.org/10.1007/s11416-013-0190-7
Khosroshahy MAli MDongyu Qiu (2012)Scomf and SComI botnet models: The cases of initial unhindered botnet expansion2012 25th IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)10.1109/CCECE.2012.6334871(1-5)Online publication date: Apr-2012
https://doi.org/10.1109/CCECE.2012.6334871

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Estimating botnet virulence within mathematical models of botnet propagation dynamics

Worm virulence estimation for the containment of local worm outbreak

Your botnet is my botnet: analysis of a botnet takeover