Computer Science ›› 2018, Vol. 45 ›› Issue (7): 135-138.doi: 10.11896/j.issn.1002-137X.2018.07.022

• Information Security • Previous Articles     Next Articles

Modeling and Analysis of Botnet with Heterogeneous Infection Rate

NIU Wei-na1,2,ZHANG Xiao-song1,2,YANG Guo-wu1,ZHUO Zhong-liu1,LU Jia-zhong1   

  1. School of Computer Science and Engineering,University of Electronic Science and Technology of China,Chengdu 611731,China1;
    Center for Cyber Security,University of Electronic Science and Technology of China,Chengdu 611731,China2
  • Received:2017-05-22 Online:2018-07-30 Published:2018-07-30

Abstract: Botnet,as a common attack platform,uses the current advanced anonymous network and malicious code technology to provide a lot of effective resources for APT attacks.In order to effectively control the large-scale outbreak of botnet,it is necessary to study its construction rules.This work proposed a botnet propagation model with heteroge-neous infection rate based on disease model due to nodes with different infection rates in different regions.Through analyzing the characteristics of botnet in the steady-state,the mean-field approach is used to study its propagation cha-racteristics from the dynamic point of view.Then,how the heterogenous infection rate affects the botnet propagation threshold in BA network is explored.The experimental results show that the proposed model is more realistic,and the relationship between threshold and heterogeneous infection rate has nothing to do with the number of nodes.

Key words: Botnet, Disease propagation models, Dynamics, Heterogeneous infection rates, Mean-field approach

CLC Number: 

  • TP309.5
[1]EASON G,NOBLE B,SNEDDON I N.On certain integrals ofEggdrop:Open source IRC bot [EB/OL].http://www.eggheads.org.
[2]KIRUBAVATHI G,ANITHA R.Botnets:A study and analysis [M]//Computational Intelligence,Cyber Security and Computational Models.Springer India,2014:203-214.
[3]WANG Y,WEN S,XIANG Y,et al.Modeling the propagation of worms in networks:A survey [J].IEEE Communications Surveys & Tutorials,2014,16(2):942-960.
[4]SHARIFNYA R,ABADI M.DFBotkiller:domain-flux botnetdetection based on the history of activities and failures in DNS traffic.Digital Inestigation,2015,12:15-26.
[5]GU G,PORRAS P A,YEGNESWARAN V,et al.Bothunter:Detecting malware infection through ids-driven dialog correcation[C]∥USENIX Security Symposium.2007:1-16.
[6]GU G,PERDISCI R,ZHANG J,et al.BotMiner:ClusteringAnalysis of Network Traffic for Protocol-and Structure-Indepen-dent Botnet Detection[J].USENIX Security Symposium,2008,5(2):139-154.
[7]SINGH K,GUNTUKU S C,THAKUR A,et al.Big data analy-tics framework for peer-to-peer botnet detection using random forests [J].Information Sciences,2014,278(19):488-497.
[8]TEGELER F,FU X,VIGNA G,et al.Botfinder:Finding bots in network traffic without deep packet inspection[C]∥8th Iinternational Conference on Emerging Networking Experiments and Technologies.ACM,2012:349-360.
[9]KONG X,CHEN Y,TIAN H,et al.A Novel Botnet Detection Method Based on Preprocessing Data Packet by Graph Structure Clustering[C]∥2016 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).IEEE,2016:42-45.
[10]QIAN Q,XIAO C J,ZHANG R.Propagation modeling for P2P botnet in structured P2P network [J].Journal of Software,2012,23(12):3161-3174.(in Chinese)
钱权,萧超杰,张瑞.结构化对等网络中P2P僵尸网络传播模型[J].软件学报,2012,23(12):3161-3174.
[11]OUYANG C X,TAN L.New propagation model of Botnet on scale-free network [J].Computer Engineering and Applications,2013,49(9):110-114.(in Chinese)
欧阳晨星,谭良.无尺度网络下的僵尸网络传播模型研究[J].计算机工程与应用,2013,49(9):110-114.
[12]CAO X L,NIU Z L.Study on propagation model of botnet based on weighted networks [J].Computer Applications and Software,2012,30(7):180-184.(in Chinese)
曹晓丽,牛志玲.基于加权网络的僵尸网络传播模型研究[J].计算机应用与软件,2013,30(7):180-184.
[13]CHENG S P,TAN L,HUANG B,et al.Botnet propagationmodeling and analysis [J].Computer Engineering and Applications,2013,49(1):107-111.(in Chinese)
成淑萍,谭良,黄彪,等.僵尸网络传播模型分析[J].计算机工程与应用,2013,49(1):107-111.
[14]SRICHARAN K G,KISORE N R.Mathematical model to study propagation of computer worm in a network[C]∥2015 IEEE International Advance Computing Conference (IACC).IEEE,2015:772-777.
[15]REN W,SONG L P,FENG L P.A novel mathematical model on Peer-to-Peer botnet [J].Journal of Measurement Science and Instrumentation,2014,5(4):62-67.
[16]BUONO C,VAZQUEZ F,MACRI P A,et al.Slow epidemic extinction in populations with heterogeneous infection rates [J].Physical Review E,2013,88(2):022813.
[1] ZHANG Xi-ran, LIU Wan-ping, LONG Hua. Dynamic Model and Analysis of Spreading of Botnet Viruses over Internet of Things [J]. Computer Science, 2022, 49(6A): 738-743.
[2] CHEN Xin, LI Fang, DING Hai-xin, SUN Wei-ze, LIU Xin, CHEN De-xun, YE Yue-jin, HE Xiang. Parallel Optimization Method of Unstructured-grid Computing in CFD for DomesticHeterogeneous Many-core Architecture [J]. Computer Science, 2022, 49(6): 99-107.
[3] LIU Jiang, LIU Wen-bo, ZHANG Ju. Hybrid MPI+OpenMP Parallel Method on Polyhedral Grid Generation in OpenFoam [J]. Computer Science, 2022, 49(3): 3-10.
[4] HUANG Guang-qiu, LU Qiu-qin. Vertical Structure Community System Optimization Algorithm [J]. Computer Science, 2020, 47(4): 194-203.
[5] HUANG Guang-qiu,LU Qiu-qin. Protected Zone-based Population Migration Dynamics Optimization Algorithm [J]. Computer Science, 2020, 47(2): 186-194.
[6] LI Fang,LI Zhi-hui,XU Jin-xiu,FAN Hao,CHU Xue-sen,LI Xin-liang. Research on Adaptation of CFD Software Based on Many-core Architecture of 100P Domestic Supercomputing System [J]. Computer Science, 2020, 47(1): 24-30.
[7] LIU Xiao-yang, HE Dao-bing. Study on Information Propagation Dynamics Model and Opinion Evolution Based on Public Emergencies [J]. Computer Science, 2019, 46(5): 320-326.
[8] ZHANG Shuai, XU Shun, LIU Qian, JIN Zhong. Cell Verlet Algorithm of Molecular Dynamics Simulation Based on GPU and Its Parallel Performance Analysis [J]. Computer Science, 2018, 45(10): 291-294.
[9] WANG Wei, WANG Jia-jun, WANG Ming-ming, ZHANG Wen-jing and CHEN Jin-guang. Defense Technology Based on Dynamic Space-Time Performance for Flooding Attacks in Mobile Ad Hoc Networks [J]. Computer Science, 2017, 44(1): 159-166.
[10] WANG Le, MAO Jian-lin, ZHU Hao-fu and GUO Ning. Evolutionary Game Theory-based Access Control Study for P-persistent CSMA Networks [J]. Computer Science, 2016, 43(9): 146-151.
[11] SONG Yuan-zhang. P2P Botnet Detection Based on Permutation Entropy and Multi-sensor Data Fusion on Decision Level [J]. Computer Science, 2016, 43(7): 141-146.
[12] QIU Wei and YANG Ying-jie. Interaction Network Traffic Anomaly Detection Method Based on Cusp Catastrophic Model [J]. Computer Science, 2016, 43(3): 163-166.
[13] CHEN Lian-dong, ZHANG Lei, QU Wu and KONG Ming. Distributed Real-time Botnet Detection Algorithm [J]. Computer Science, 2016, 43(3): 127-136.
[14] LI Chang-qing and ZHANG Yan-lan. Updating Approximations for a Type of Covering-based Rough Sets [J]. Computer Science, 2016, 43(1): 73-76.
[15] ZUO Wan-li, HAN Jia-yu, LIU Lu, WANG Ying and PENG Tao. Incremental User Interest Mining Based on Artificial Immune Algorithm [J]. Computer Science, 2015, 42(5): 34-41.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!