Abstract
Sybil attacks are suitable to mitigate P2P botnets, and the effects depend on the influences of Sybil nodes. However, the problem of how to evaluate the influences of Sybil nodes is rarely studied. Considering Kademlia based botnets, we formulate a model to evaluate the influence of Sybil nodes during the publishing of commands. Simulation results show the correctness of this model, and it is found that the percentage of Sybil nodes in the botnet, the value of K, and the size of the botnet are three important factors which significantly affect the influence of Sybil nodes. For defenders who want to determine how many sybil nodes should be inserted to achieve the goal of mitigation, this model can provide valuable guidance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Grizzard, J.B., Sharma, V., Nunnery, C., Kang, B.B.H.: Peer-to-peer botnets: overview and case study. In: 1st Conference on First Workshop on Hot Topics in Understanding Botnets, p. 1. USENIX Association (2007)
W32.waledac threat analysis, http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/W32_Waledac.pdf
Shin, S., Gu, G., Reddy, N., Lee, C.P.: A large-scale empirical study of conficker. IEEE Transactions on Information Forensics and Security 7, 676–690 (2012)
Yu, H., Kaminsky, M., Gibbons, P.B.: SybilGuard: defending against sybil attacks via social networks. SIGCOMM Comput. Commun. Rev. 36(4), 267–278 (2006)
Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)
Yang, Z., Wilson, C., Wang, X., Gao, T., Zhao, B.Y.: Uncovering social network sybils in the wild. In: The 2011 ACM SIGCOMM Conference on Internet Measurement Conference, pp. 259–268. ACM Press, New York (2011)
Yu, H., Gibbons, P.B.: SybilLimit: A near-optimal social network defense against sybil attacks. IEEE/ACM Transactions on Networking 18(3), 885–898 (2010)
Holz, T., Steiner, M., Dahl, F., Biersack, E., Freiling, F.: Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm. In: 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats, pp. 1–9. USENIX Association (2008)
Davis, C.R., Fernandez, J.M., Neville, S.: Optimising sybil attacks against P2P-based botnets. In: 4th International Conference on Malicious and Unwanted Software, pp. 78–87. IEEE Press, New York (2009)
Davis, C.R., Fernandez, J.M., Neville, S., McHugh, J.: Sybil attacks as a mitigation strategy against the storm botnet. In: 3rd International Conference on Malicious and Unwanted Software, pp. 32–40. IEEE Press, New York (2008)
Maymounkov, P., Mazières, D.: Kademlia: A peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002)
Starnberger, G., Kruegel, C., Kirda, E.: Overbot-a botnet protocol based on kademlia. In: 4th International Conference on Security and Privacy in Communication Networks. ACM Press, New York (2008)
Stoica, I., et al.: Chord: A scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Computer Communication Review 31(4), 149–160 (2001)
Montresor, A., Jelasity, M.: PeerSim: A Scalable P2P Simulator. In: 9th International Conference on Peer-to-Peer Computing, pp. 99–100. IEEE Press, New York (2009)
Singh, A., Ngan, T.-W.J., Druschel, P., Wallach, D.S.: Eclipse attacks on overlay networks: Threats and defenses. In: 25th IEEE International Conference on Computer Communications. IEEE Press, New York (2006)
Singh, A., Castro, M., Druschel, P.: Defending against eclipse attacks on overlay networks. In: 11th Workshop on ACM SIGOPS European Workshop, p. 21. ACM Press, New York (2004)
Wang, P., Wu, L., Aslam, B., Zou, C.C.: A Systematic Study on Peer-to-Peer Botnets. In: International Conference on Computer Communications and Networks, San Francisco. IEEE Press, New York (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, T., Wang, H., Liu, B., Shi, P. (2013). Model the Influence of Sybil Nodes in P2P Botnets. In: Lopez, J., Huang, X., Sandhu, R. (eds) Network and System Security. NSS 2013. Lecture Notes in Computer Science, vol 7873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38631-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-38631-2_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38630-5
Online ISBN: 978-3-642-38631-2
eBook Packages: Computer ScienceComputer Science (R0)