Botnets are networks of computers which have been compromised by malicious software which enables a remotely located adversary to control them and focus their collective power on specific tasks. Botnets pose a significant global threat, with tangible political, economic and military ramifications and have resultingly become a field of significant interest within the cyber-security research community. While a number of effective defence techniques have been devised for botnets utilizing centralized command and control infrastructures, few of these techniques are suitable for defending against larger-scale peer-to-peer (P2P) botnets. In contrast, the sybil attack, combined with index poisoning is an established defence technique for P2P botnets. During a sybil attack, fake bots (\ie sybils) are inserted into the botnet. These sybils distribute fake commands to bots, causing them not to carry out illicit activities. Bots also then unwittingly redistribute the fake commands to other bots in the botnet.
This work uses packet-level simulation of a Kademlia-based P2P botnet to evaluate 1) the impact that the location of sybils within the underlying network topology can have on the effectiveness of sybil attacks and 2) several potential optimizations to the placement of sybils within the underlying network topology. / Graduate / 0537 / 0544 / 0984
Identifer | oai:union.ndltd.org:uvic.ca/oai:dspace.library.uvic.ca:1828/5095 |
Date | 18 December 2013 |
Creators | Verigin, Adam Louis |
Contributors | Neville, Stephen W. |
Source Sets | University of Victoria |
Language | English, English |
Detected Language | English |
Type | Thesis |
Rights | Available to the World Wide Web |
Page generated in 0.002 seconds