Distributed Threat Intelligence Sharing System: A New Sight of P2P Botnet Detection

Title: Distributed Threat Intelligence Sharing System: A New Sight of P2P Botnet Detection
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Li, Jiabin; Xue, Zhi
Conference Name: 2019 2nd International Conference on Computer Applications Information Security (ICCAIS)
Keywords: AHP and HMM based analysis algorithm, analytic hierarchy process, BAV quantitative TI model, Botnet, Clustering algorithms, computer network security, Cyberspace, cyberspace security, distributed botnet, distributed cyber threat, distributed methods, distributed threat intelligence sharing system, evaluating system, Hidden Markov models, human factors, invasive software, Metrics, network traffic analysis, P2P botnet detection, peer to peer security, peer-to-peer botnet detection, Peer-to-peer computing, pubcrawl, Resiliency, Scalability, security, Standards, telecommunication traffic, threat intelligence, Threat intelligence sharing
Abstract: Botnet has been evolving over time since its birth. Nowadays, P2P (Peer-to-Peer) botnet has become a main threat to cyberspace security, owing to its strong concealment and easy expansibility. In order to effectively detect P2P botnet, researchers often focus on the analysis of network traffic. For the sake of enriching P2P botnet detection methods, the author puts forward a new sight of applying distributed threat intelligence sharing system to P2P botnet detection. This system aims to fight against distributed botnet by using distributed methods itself, and then to detect botnet in real time. To fulfill the goal of botnet detection, there are 3 important parts: the threat intelligence sharing and evaluating system, the BAV quantitative TI model, and the AHP and HMM based analysis algorithm. Theoretically, this method should work on different types of distributed cyber threat besides P2P botnet.
DOI: 10.1109/CAIS.2019.8769511
Citation Key: li_distributed_2019