Simulation of Protection Mechanisms against Botnets on the Basis of “Nervous Network” Framework

Igor Kotenko, Andrey Shorov

Abstract

The paper suggests a simulation approach to investigate the protection against botnets on the basis of the “nervous network” framework. This approach is an example of bio-inspired approaches to the computer networks protection. The developed simulator is described. Results of the experiments are considered. Finally, we analyze and compare the performance of the basic protection mechanisms with “nervous network” protection technique.

References

  1. Akiyama, M., Kawamoto, T., Shimamura, M., Yokoyama, T., Kadobayashi, Y., Yamaguchi, S. 2007. A proposal of metrics for botnet detection based on its cooperative behavior. In SAINT Workshops, pp.82-82.
  2. Anagnostakis, K., Greenwald, M., Ioannidis, S., Keromytis, A., Li, D. 2003. A Cooperative Immunization System for an Untrusting Internet. In The 11th IEEE International Conference on Networks (ICON2003), pp.403-408.
  3. Bailey, M., Cooke, E., Jahanian, F., Xu, Y., Karir, M. 2009. A Survey of Botnet Technology and Defenses. In Cybersecurity Applications Technology Conference for Homeland Security.
  4. Binkley, J.R., Singh, S., 2006. An algorithm for anomalybased botnet detection. In The 2nd conference on Steps to Reducing Unwanted Traffic on the Internet, Vol.2.
  5. Chen, S., Tang, Y. 2004. Slowing Down Internet Worms. In The 24th International Conference on Distributed Computing Systems.
  6. Chen, Y., Chen, H. 2009. NeuroNet: An Adaptive Infrastructure for Network Security. In International Journal of Information, Intelligence and Knowledge, Vol.1, No.2.
  7. Dagon, D., Zou, C., Lee, W. 2006. Modeling botnet propagation using time zones. In The 13th Annual Network and Distributed System Security Symposium. San Diego, CA.
  8. Dressler, F. 2005. Bio-inspired mechanisms for efficient and adaptive network security. In Service Management and Self-Organization in IP-based Networks.
  9. Feily, M., Shahrestani, A., Ramadass, S. 2009. A Survey of Botnet and Botnet Detection. In Third International Conference on Emerging Security Information Systems and Technologies.
  10. Grizzard, J.B., Sharma, V., Nunnery, C., Kang, B.B., Dagon, D. 2007. Peer-to-Peer Botnets: Overview and Case Study. In First Workshop on Hot Topics in Understanding Botnets (HotBots'07).
  11. Huebscher, M., McCann, J. 2008. A survey of autonomic computing - degrees, models, and applications. In Journal ACM Computing Surveys (CSUR), Vol. 40, Issue 3.
  12. INET, 2012. http://inet.omnetpp.org/.
  13. Kotenko, I. 2010. Agent-Based Modelling and Simulation of Network Cyber-Attacks and Cooperative Defence Mechanisms. In Discrete Event Simulations, Sciyo, pp.223-246.
  14. Kotenko, I., Konovalov, A., Shorov, A. 2010. Agent-based Modeling and Simulation of Botnets and Botnet Defense. In Conference on Cyber Conflict. CCD COE Publications. Tallinn, Estonia, pp.21-44.
  15. Li, L., Alderson, D., Willinger, W., Doyle, J. 2004. A first-principles approach to understanding the internet router-level topology. In ACM SIGCOMM Computer Communication Review.
  16. Li, J., Mirkovic, J., Wang, M., Reither, P., Zhang, L. 2002. Save: Source address validity enforcement protocol. In IEEE INFOCOM, pp.1557-1566.
  17. Mazzariello, C. 2008. IRC traffic analysis for botnet detection. In Fourth International Conference on Information Assurance and Security.
  18. Nagaonkar, V., Mchugh, J. 2008. Detecting stealthy scans and scanning patterns using threshold random walk, Dalhousie University.
  19. Naseem, F., Shafqat, M., Sabir, U., Shahzad, A. 2010. A Survey of Botnet Technology and Detection. In International Journal of Video & Image Processing and Network Security, Vol.10, No. 01.
  20. Owezarski, P., Larrieu, N. 2004. A trace based method for realistic simulation. In 2004 IEEE International Conference on Communications.
  21. Peng, T., Leckie, C., Ramamohanarao, K. 2004. Proactively Detecting Distributed Denial of Service Attacks Using Source IP Address Monitoring. In Lecture Notes in Computer Science, Vol.3042, pp.771- 782.
  22. ReaSE, 2012. https://i72projekte.tm.uka.de/trac/ReaSE.
  23. Simmonds, R., Bradford, R., Unger, B. 2000. Applying parallel discrete event simulation to network emulation. In The fourteenth workshop on Parallel and distributed simulation.
  24. Varga, A. 2010. OMNeT++. In Modeling and Tools for Network Simulation, Wehrle, Klaus; Gunes, Mesut; Gross, James (Eds.) Springer Verlag.
  25. Wang, P., Sparks, S., Zou, C.C. 2007. An advanced hybrid peer-to-peer botnet. In First Workshop on Hot Topics in Understanding Botnets (HotBots'07).
  26. Wang, H., Zhang, D., Shin, K. 2002. Detecting SYN flooding attacks. In IEEE INFOCOM, pp.1530-1539.
  27. Wehrle, K., Gunes, M., Gross, J. 2010. Modeling and Tools for Network Simulation, Springer-Verlag.
  28. Williamson, M. 2002. Throttling Viruses: Restricting propagation to defeat malicious mobile code. In ACSAC Security Conference, pp.61-68.
  29. Zhou, S., Zhang, G., Zhang, G., Zhuge, Zh. 2006. Towards a Precise and Complete Internet Topology Generator. In International Conference Communications.
Download


Paper Citation


in Harvard Style

Kotenko I. and Shorov A. (2012). Simulation of Protection Mechanisms against Botnets on the Basis of “Nervous Network” Framework . In Proceedings of the 2nd International Conference on Simulation and Modeling Methodologies, Technologies and Applications - Volume 1: SIMULTECH, ISBN 978-989-8565-20-4, pages 164-169. DOI: 10.5220/0004123401640169


in Bibtex Style

@conference{simultech12,
author={Igor Kotenko and Andrey Shorov},
title={Simulation of Protection Mechanisms against Botnets on the Basis of “Nervous Network” Framework},
booktitle={Proceedings of the 2nd International Conference on Simulation and Modeling Methodologies, Technologies and Applications - Volume 1: SIMULTECH,},
year={2012},
pages={164-169},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004123401640169},
isbn={978-989-8565-20-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Simulation and Modeling Methodologies, Technologies and Applications - Volume 1: SIMULTECH,
TI - Simulation of Protection Mechanisms against Botnets on the Basis of “Nervous Network” Framework
SN - 978-989-8565-20-4
AU - Kotenko I.
AU - Shorov A.
PY - 2012
SP - 164
EP - 169
DO - 10.5220/0004123401640169