AutoBotCatcher: Blockchain-Based P2P Botnet Detection for the Internet of Things
2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC) (2018)
Abstract
In general, a botnet is a collection of compromised internet computers, controlled by attackers for malicious purposes. To increase their attacks' chance of success and resilience against defence mechanisms, modern botnets often have a decentralized P2P structure. Here, IoT devices are playing a critical role, becoming one of the major tools for malicious parties to perform attacks. Notable examples are the DDoS attacks on Krebs on Security and DYN, which were performed by IoT devices that were part of botnets. We take a first step towards detecting P2P botnets in IoT by proposing AutoBotCatcher, whose design is driven by the consideration that bots of the same botnet frequently communicate with each other and form communities. As such, the purpose of AutoBotCatcher is to dynamically analyze communities of IoT devices, formed according to their network traffic flows, to detect botnets. AutoBotCatcher exploits a Byzantine Fault Tolerant (BFT) blockchain, as a state transition machine that allows collaboration of multiple parties without trust, in order to perform collaborative and dynamic botnet detection by collecting and auditing IoT devices' network traffic flows as blockchain transactions. In this paper, we focus on the design of AutoBotCatcher by first defining the blockchain structure underlying AutoBotCatcher, then discussing its components.
Keywords
Blockchain, Internet of Things, Security, P2P botnets, Botnet detection