SCOPUS 정보 검색 플랫폼

Proceedings of the International Conference on Dependable Systems and Networks

Volumn , Issue , 2011, Pages 121-132

Detecting stealthy P2P botnets using statistical traffic fingerprints

(5) Zhang, Junjie a Perdisci, Roberto b Lee, Wenke a Sarfraz, Unum a Luo, Xiapu c

a GEORGIA INSTITUTE OF TECHNOLOGY (United States)

b UNIVERSITY OF GEORGIA (United States)

c HONG KONG POLYTECHNIC UNIVERSITY (Hong Kong)

Author keywords

Botnet; Intrusion Detection; P2P; Security

Indexed keywords

BOTNET; BOTNETS; CURRENT DETECTION; DETECTION ACCURACY; DETECTION SYSTEM; EXPERIMENTAL EVALUATION; FALSE POSITIVE RATES; MALICIOUS ACTIVITIES; P2P; P2P APPLICATIONS; P2P COMMUNICATIONS; PEER TO PEER; REAL WORLD DATA; SECURITY;

DISTRIBUTED COMPUTER SYSTEMS; INTRUSION DETECTION;

PEER TO PEER NETWORKS;

EID: 80051935855 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: 10.1109/DSN.2011.5958212 Document Type: Conference Paper

Times cited : (89)

References (23)

1
- 47349085035
- Argus: Auditing network activity. http://www.qosient.com/argus/.
- Auditing Network Activity

2
- 80051924605
- Autoit script. http://www.autoitscript.com/autoit3/index.shtml.

3
- 14344265818
- Internet traffic classification using Bayesian analysis techniques
- A.W. Moore and D. Zuev. Internet traffic classification using Bayesian analysis techniques. In ACM SIGMETRICS, 2005.
- (2005) ACM SIGMETRICS
- Moore, A.W.¹ Zuev, D.²

4
- 34547453122
- Understanding churn in peer-to-peer networks
- D. Stutzbach and R. Rejaie. Understanding churn in peer-to-peer networks. In ACM SIGCOMM Internet Measurement Conf, 2006.
- (2006) ACM SIGCOMM Internet Measurement Conf
- Stutzbach, D.¹ Rejaie, R.²

5
- 85061529860
- Bothunter: Detecting malware infection through IDS-driven dialog correlation
- G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee. Bothunter: Detecting malware infection through IDS-driven dialog correlation. In Proc. USENIX Security, 2007.
- (2007) Proc. USENIX Security
- Gu, G.¹ Porras, P.² Yegneswaran, V.³ Fong, M.⁴ Lee, W.⁵

6
- 85075837457
- Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection
- G. Gu, R. Perdisci, J. Zhang, and W. Lee. Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection. In Proc. USENIX Security, 2008.
- (2008) Proc. USENIX Security
- Gu, G.¹ Perdisci, R.² Zhang, J.³ Lee, W.⁴

7
- 0035676057
- On clustering validation techniques
- DOI 10.1023/A:1012801612483
- M. Halkidi, Y. Batistakis, and M. Vazirgiannis. On clustering validation techniques. J. Intell. Inf. Syst., 17(2-3):107-145, 2001. (Pubitemid 34050790)
- (2001) Journal of Intelligent Information Systems , vol.17 , Issue.2-3 , pp. 107-145
- Halkidi, M.¹ Batistakis, Y.² Vazirgiannis, M.³

8
- 85084097128
- Measurements and mitigation of peer-to-peer-based botnets: A case study on storm worm
- T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling. Measurements and mitigation of peer-to-peer-based botnets: A case study on storm worm. In Proc. USENIX LEET, 2008.
- (2008) Proc. USENIX LEET
- Holz, T.¹ Steiner, M.² Dahl, F.³ Biersack, E.⁴ Freiling, F.⁵

9
- 77952351261
- Towards complete node enumeration in a peer-to-peer botnet
- B. Kang, E. C. Tin, and C. P. Lee. Towards complete node enumeration in a peer-to-peer botnet. In Proc. ACM ASIACCS, 2009.
- (2009) Proc. ACM ASIACCS
- Kang, B.¹ Tin, E.C.² Lee, C.P.³

10
- 62849113137
- R. Lemos. Bot software looks to improve peerage. Http://www. securityfocus.com/news/11390, 2006.
- (2006) Bot Software Looks to Improve Peerage
- Lemos, R.¹

11
- 77953328281
- Measurement and diagnosis of address misconfigured p2p traffic
- Z. Li, A. Goyal, Y. Chen, and A. Kuzmanovic. Measurement and diagnosis of address misconfigured p2p traffic. In IEEE INFOCOM 2010, 2010.
- (2010) IEEE INFOCOM 2010
- Li, Z.¹ Goyal, A.² Chen, Y.³ Kuzmanovic, A.⁴

12
- 44449130555
- Finding peer-to-peer file sharing using coarse network behaviors
- M.P. Collins and M. K. Reiter. Finding peer-to-peer file sharing using coarse network behaviors. In Proc. ESORICS, 2006.
- (2006) Proc. ESORICS
- Collins, M.P.¹ Reiter, M.K.²

13
- 44649128920
- A multi-perspective analysis of the storm (peacomm) worm
- P. Porras, H. Saidi, and V. Yegneswaran. A multi-perspective analysis of the storm (peacomm) worm. In Computer Science Laboratory, SRI International, Technical Report, 2007.
- (2007) Computer Science Laboratory SRI International, Technical Report
- Porras, P.¹ Saidi, H.² Yegneswaran, V.³

14
- 80051932881
- P. Porras, H. Saidi, and V. Yegneswaran. Conficker c analysis. http://mtc.sri.com/Conficker/addendumC/index.html, 2009.
- (2009)
- Porras, P.¹ Saidi, H.² Yegneswaran, V.³

15
- 85059753615
- Botgrep: Finding p2p bots with structured graph analysis
- S. Nagaraja and P. Mittal and C.-Y. Hong and M. Caesar and N. Borisov. Botgrep: Finding p2p bots with structured graph analysis. In Proc. USENIX Security, 2010.
- (2010) Proc. USENIX Security
- Nagaraja, S.¹ Mittal, P.² Hong, C.-Y.³ Caesar, M.⁴ Borisov, N.⁵

16
- 19944406146
- Accurate, scalable in-network identication of p2p traffic using application signatures
- S. Sen, O. Spatscheck, and D. Wang. Accurate, scalable in-network identication of p2p traffic using application signatures. In WWW, 2004.
- (2004) WWW
- Sen, S.¹ Spatscheck, O.² Wang, D.³

17
- 77950106995
- The waledac protocol: The how and why
- G. Sinclair, C. Nunnery, and B. B. Kang. The waledac protocol: The how and why. In Intl. Conf. Malicious and Unwanted Software, 2009.
- (2009) Intl. Conf. Malicious and Unwanted Software
- Sinclair, G.¹ Nunnery, C.² Kang, B.B.³

18
- 49049107082
- Analysis of the storm and nugache trojans: P2p is here
- S. Stover, D. Dittrich, J. Hernandez, and S. Dietrich. Analysis of the storm and nugache trojans: P2p is here. In USENIX; login, vol. 32, no. 6, 2007.
- (2007) USENIX; Login , vol.32 , Issue.6
- Stover, S.¹ Dittrich, D.² Hernandez, J.³ Dietrich, S.⁴

19
- 77955861102
- Are your hosts trading or plotting? Telling p2p file-sharing and bots apart
- T.-F. Yen and M. K. Reiter. Are your hosts trading or plotting? Telling p2p file-sharing and bots apart. In ICDCS, 2010.
- (2010) ICDCS
- Yen, T.-F.¹ Reiter, M.K.²

20
- 34249311112
- Transport layer identification of p2p traffic
- T. Karagiannis, A.Broido, M. Faloutsos, and Kc Claffy. Transport layer identification of p2p traffic. In ACM IMC, 2004.
- (2004) ACM IMC
- Karagiannis, T.¹ Broido, A.² Faloutsos, M.³ Claffy, K.⁴

21
- 33750346628
- Blinc: Multilevel traffic classification in the dark
- T. Karagiannis and K. Papagiannaki and M. Faloutsos. Blinc: Multilevel traffic classification in the dark. In ACM SIGCOMM, 2005.
- (2005) ACM SIGCOMM
- Karagiannis, T.¹ Papagiannaki, K.² Faloutsos, M.³

22
- 79954733367
- Botgraph: Large scale spamming botnet detection
- Y. Zhao and Y. Xie and F. Yu and Q. Ke and Y. Yu. Botgraph: Large scale spamming botnet detection. In Proc. USENIX NSDI, 2009.
- (2009) Proc. USENIX NSDI
- Zhao, Y.¹ Xie, Y.² Yu, F.³ Ke, Q.⁴ Yu, Y.⁵

23
- 0030157145
- Birch: An efficient data clustering method for very large databases
- ACM Press
- T. Zhang, R. Ramakrishnan, and M. Livny. Birch: An efficient data clustering method for very large databases. In Proc. ACM SIGMOD. ACM Press, 1996.
- (1996) Proc. ACM SIGMOD.
- Zhang, T.¹ Ramakrishnan, R.² Livny, M.³

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.