SpringerLink
Log in

Model the Influence of Sybil Nodes in P2P Botnets

  • Conference paper
Network and System Security (NSS 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7873))

Included in the following conference series:

  • 3636 Accesses

Abstract

Sybil attacks are suitable to mitigate P2P botnets, and the effects depend on the influences of Sybil nodes. However, the problem of how to evaluate the influences of Sybil nodes is rarely studied. Considering Kademlia based botnets, we formulate a model to evaluate the influence of Sybil nodes during the publishing of commands. Simulation results show the correctness of this model, and it is found that the percentage of Sybil nodes in the botnet, the value of K, and the size of the botnet are three important factors which significantly affect the influence of Sybil nodes. For defenders who want to determine how many sybil nodes should be inserted to achieve the goal of mitigation, this model can provide valuable guidance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Grizzard, J.B., Sharma, V., Nunnery, C., Kang, B.B.H.: Peer-to-peer botnets: overview and case study. In: 1st Conference on First Workshop on Hot Topics in Understanding Botnets, p. 1. USENIX Association (2007)

    Google Scholar 

  2. W32.waledac threat analysis, http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/W32_Waledac.pdf

  3. Shin, S., Gu, G., Reddy, N., Lee, C.P.: A large-scale empirical study of conficker. IEEE Transactions on Information Forensics and Security 7, 676–690 (2012)

    Article  Google Scholar 

  4. Yu, H., Kaminsky, M., Gibbons, P.B.: SybilGuard: defending against sybil attacks via social networks. SIGCOMM Comput. Commun. Rev. 36(4), 267–278 (2006)

    Article  Google Scholar 

  5. Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  6. Yang, Z., Wilson, C., Wang, X., Gao, T., Zhao, B.Y.: Uncovering social network sybils in the wild. In: The 2011 ACM SIGCOMM Conference on Internet Measurement Conference, pp. 259–268. ACM Press, New York (2011)

    Chapter  Google Scholar 

  7. Yu, H., Gibbons, P.B.: SybilLimit: A near-optimal social network defense against sybil attacks. IEEE/ACM Transactions on Networking 18(3), 885–898 (2010)

    Article  Google Scholar 

  8. Holz, T., Steiner, M., Dahl, F., Biersack, E., Freiling, F.: Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm. In: 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats, pp. 1–9. USENIX Association (2008)

    Google Scholar 

  9. Davis, C.R., Fernandez, J.M., Neville, S.: Optimising sybil attacks against P2P-based botnets. In: 4th International Conference on Malicious and Unwanted Software, pp. 78–87. IEEE Press, New York (2009)

    Google Scholar 

  10. Davis, C.R., Fernandez, J.M., Neville, S., McHugh, J.: Sybil attacks as a mitigation strategy against the storm botnet. In: 3rd International Conference on Malicious and Unwanted Software, pp. 32–40. IEEE Press, New York (2008)

    Google Scholar 

  11. Maymounkov, P., Mazières, D.: Kademlia: A peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Starnberger, G., Kruegel, C., Kirda, E.: Overbot-a botnet protocol based on kademlia. In: 4th International Conference on Security and Privacy in Communication Networks. ACM Press, New York (2008)

    Google Scholar 

  13. Stoica, I., et al.: Chord: A scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Computer Communication Review 31(4), 149–160 (2001)

    Article  Google Scholar 

  14. Montresor, A., Jelasity, M.: PeerSim: A Scalable P2P Simulator. In: 9th International Conference on Peer-to-Peer Computing, pp. 99–100. IEEE Press, New York (2009)

    Google Scholar 

  15. Singh, A., Ngan, T.-W.J., Druschel, P., Wallach, D.S.: Eclipse attacks on overlay networks: Threats and defenses. In: 25th IEEE International Conference on Computer Communications. IEEE Press, New York (2006)

    Google Scholar 

  16. Singh, A., Castro, M., Druschel, P.: Defending against eclipse attacks on overlay networks. In: 11th Workshop on ACM SIGOPS European Workshop, p. 21. ACM Press, New York (2004)

    Chapter  Google Scholar 

  17. Wang, P., Wu, L., Aslam, B., Zou, C.C.: A Systematic Study on Peer-to-Peer Botnets. In: International Conference on Computer Communications and Networks, San Francisco. IEEE Press, New York (2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, National University of Defense Technology, ChangSha, China

    Tianzuo Wang, Huaimin Wang, Bo Liu & Peichang Shi

Authors
  1. Tianzuo Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Huaimin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bo Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Peichang Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, ETSI Informatica, University of Malaga, Campus de Teatinos, 29071, Malaga, Spain

    Javier Lopez

  2. School of Mathematics and Computer Science, Fujian Normal University, No. 32 Shangsan Road, 350007, Fuzhou, China

    **nyi Huang

  3. Institute for Cyber Security,, University of Texas at San Antonio, One UTSA Circle, 78249, San Antonio, TX, USA

    Ravi Sandhu

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, T., Wang, H., Liu, B., Shi, P. (2013). Model the Influence of Sybil Nodes in P2P Botnets. In: Lopez, J., Huang, X., Sandhu, R. (eds) Network and System Security. NSS 2013. Lecture Notes in Computer Science, vol 7873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38631-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38631-2_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38630-5

  • Online ISBN: 978-3-642-38631-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation