Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour
Botnet has been identified as one of the most emerging threats to Internet users. It has attracted much attention and poses a big threat to network security. Through the years a number of Botnet variants have been introduced, and the most lethal variants are known as peer-to-peer (P2P) bo...
| Main Authors: | Abdullah, Raihana Syahirah; Mas'ud, M. Z.; Abdollah, M. F.; Sahib, S.; Yusof, R. |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | 2011 |
| Subjects: | Q Science (General) |
| Online Access: | http://eprints.utem.edu.my/id/eprint/3580/ http://eprints.utem.edu.my/id/eprint/3580/1/Paper_28111124_IJCSIS__pp._7-11.pdf |

| _version_ | 1848886954896130048 |
|---|---|
| author | Abdullah, Raihana Syahirah Mas'ud, M. Z. Abdollah, M. F. Sahib, S. Yusof, R. |
| author_facet | Abdullah, Raihana Syahirah Mas'ud, M. Z. Abdollah, M. F. Sahib, S. Yusof, R. |
| author_sort | Abdullah, Raihana Syahirah |
| building | UTeM Institutional Repository |
| collection | Online Access |
| description | Botnet has been identified as one of the most emerging threats to Internet users. It has attracted much attention and poses a big threat to network security. Through the years a number of Botnet variants have been introduced, and the most lethal variants are known as peer-to-peer (P2P) botnets, which are able to camouflage themselves as benign P2P applications. This evolution of Botnet variants has made them harder to detect and shut down. Like any network connection, P2P similarly uses TCP to initialize the communication between two parties. For this reason, this paper investigates the network traffic characteristics of normal P2P connections and P2P botnets through the TCP connections initialized or received between the bot and the bot master. The proposed mechanism detects and classifies the P2P botnet TCP connection behaviour from the normal P2P network traffic. This can be used for early warning of P2P botnet activities in the network and as a prevention mechanism. |
| first_indexed | 2025-11-15T19:46:42Z |
| format | Article |
| id | utem-3580 |
| institution | Universiti Teknikal Malaysia Melaka |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T19:46:42Z |
| publishDate | 2011 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | utem-3580 2021-10-01T12:14:39Z http://eprints.utem.edu.my/id/eprint/3580/ Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour Abdullah, Raihana Syahirah Mas'ud, M. Z. Abdollah, M. F. Sahib, S. Yusof, R. Q Science (General) Botnet has been identified as one of the most emerging threats to Internet users. It has attracted much attention and poses a big threat to network security. Through the years a number of Botnet variants have been introduced, and the most lethal variants are known as peer-to-peer (P2P) botnets, which are able to camouflage themselves as benign P2P applications. This evolution of Botnet variants has made them harder to detect and shut down. Like any network connection, P2P similarly uses TCP to initialize the communication between two parties. For this reason, this paper investigates the network traffic characteristics of normal P2P connections and P2P botnets through the TCP connections initialized or received between the bot and the bot master. The proposed mechanism detects and classifies the P2P botnet TCP connection behaviour from the normal P2P network traffic. This can be used for early warning of P2P botnet activities in the network and as a prevention mechanism. 2011 Article PeerReviewed text en http://eprints.utem.edu.my/id/eprint/3580/1/Paper_28111124_IJCSIS__pp._7-11.pdf Abdullah, Raihana Syahirah and Mas'ud, M. Z. and Abdollah, M. F. and Sahib, S. and Yusof, R. (2011) Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour. International Journal of Computer Science and Information Security, 9 (12). pp. 7-11. ISSN 1947-5500 |
| spellingShingle | Q Science (General) Abdullah, Raihana Syahirah Mas'ud, M. Z. Abdollah, M. F. Sahib, S. Yusof, R. Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour |
| title | Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour |
| title_full | Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour |
| title_fullStr | Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour |
| title_full_unstemmed | Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour |
| title_short | Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour |
| title_sort | recognizing p2p botnets characteristic through tcp distinctive behaviour |
| topic | Q Science (General) |
| url | http://eprints.utem.edu.my/id/eprint/3580/ http://eprints.utem.edu.my/id/eprint/3580/1/Paper_28111124_IJCSIS__pp._7-11.pdf |