Multi-Stream Fused Model (MSFM) for Botnet Detection in Peer-to-Peer (P2P) Technology
DDoS, spam, and phishing are well-known problems on today's Internet. In the past, attackers tended to use centralized, high-bandwidth connections for their attacks. Now that home users have high-bandwidth Internet connections, attackers have begun infecting these home computers and using them to carry out their tasks. Because the attacks come from many different places, they are very hard to catch or prevent, and the attackers usually have more bandwidth to misuse. New techniques are therefore needed to identify the formation of these extensive networks of infected hosts, particularly since attackers appear to have adopted peer-to-peer (P2P) technology. They design novel features such as P2P Command and Control (C&C) that make traditional detection techniques no longer effective at indicating the presence of bots. As a result, a system is presented that accurately and efficiently identifies the presence of the Storm botnet. In this research work, a new real-time detection model, MSFM (Multi-Stream Fused Model), is presented, based on several novel characteristic properties of P2P botnets. MSFM takes the distinctive characteristics of several types of packets and handles each with a corresponding approach. Experimental results show that this model can accurately identify botnets with moderately low false-positive and false-negative rates.
Author's Name: Micah Jason, Declan Hayden
Volume: Volume 14
Issues: Issue 1
Keywords: Centralized Botnet, Discrete Kalman Filter, Multi-Chart CUSUM, P2P Command and Control