Agent based modeling and simulation of botnets and botnet defense

Submitted by Reza Rafati on Wed, 02/23/2011 - 15:33

 

Agent based modeling and simulation of botnets and botnet defense
 

Laboratory of Computer Security Problems, St. Petersburg Institute for Informatics 
and Automation of Russian Academy of Sciences, St. Petersburg, Russia
Abstract: Nowadays  we  are  witnesses  of  the  rapid  spread  of  botnets  across
the  Internet and using  them  for different  cyber attacks against our systems. 
Botnets join a huge number of compromised computers in the Internet and 
allow using these computers for performing vulnerability scans,  distributing denial-of-service (DDoS) attacks and sending enormous amounts of spam emails.
 
 It  is  a  very  complex  task  to  detect  such  botnets  and  protect against 
t heir at tacks. The paper considers t he approach to t he invest igation of botnets 
and  botnet  defense  mechanisms.  The  approach  is  based  on  the  agent-based 
simulation of cyber attacks and cyber defense mechanisms, which combines 
discrete-event simulation, multi-agent approach and packet-level simulation 
of network protocols.
 
The various methods of botnet attacks and counteraction  against  botnet  DDoS  attacks  are  explored  by  representing  botnets and botnet defense components as agent teams using the software simulation environment under development.
 
Agents are supposed to collect information from various sources, use different knowledge, forecast the intentions and actions of other agents, try to deceive the agents of competing team, react to actions of other agents. The teams of defense agents are able to cooperate as the defense system components of different organizations and Internet service providers (ISPs).
 
The paper outlines the common framework and implementation peculiarities of the simulation environment as well as the experiments 
 
aimed on the investigation of botnets and botnet DDoS defense mechanisms.
 
Keywords: cyber conflicts, cyber defense, botnets, Internet attacks and defense, DDoS, modeling and simulation, packet-based simulation, agent-based 
systems

 

Read the full PDF:
Source 

Conference on Cyber Conflict

Proceedings 2010              
C. Czosseck and K. Podins (Eds.)   
CCD COE Publications, 2010, Tallinn, Estonia.
 
By Igor Kotenko, Alexey Konovalov, and Andrey Shorov
 
 
 
 

 

Tags: 

Anonymous

South Africa Police Service Hacked
Post date: 05/22/2013 - 09:23
Anonymous hackers shut down Rome court's website
Post date: 05/21/2013 - 12:09
#opisrael reloaded - We know who you are!
Post date: 05/21/2013 - 11:58
Anonymous Hacktivists pinched in Vatican Operation Tango Down
Post date: 05/17/2013 - 16:24
#Anonymous #opPetrol will hit petroleum industry on the 20th of June 2013
Post date: 05/11/2013 - 12:44

Hacking

Twitter two-factor authentication
Post date: 05/23/2013 - 08:16
South Africa Police Service Hacked
Post date: 05/22/2013 - 09:23
Chinese Hackers Army Marching On U.S. companies, government Network
Post date: 05/20/2013 - 13:17
Yahoo Japan suspects 22m IDs stolen
Post date: 05/18/2013 - 11:38
Facebook to Anonymous: We see you and we will report you
Post date: 05/16/2013 - 17:42

Infosec

New Apple QuickTime Update Patches 12 Vulnerabilities
Post date: 05/24/2013 - 11:23
NYPD detective accused of hiring email hackers
Post date: 05/23/2013 - 23:36
Chinese hackers advertise HACKS FOR SALE
Post date: 05/23/2013 - 17:08
U.S. Power Grid Vulnerable to Attack by Iran,Congressional Report
Post date: 05/23/2013 - 13:03
Iran’s View of Cyberwarfare
Post date: 05/23/2013 - 12:16

Cyberwarfare

U.S. Could Use Cyberattack on Syrian Air Defenses
Post date: 05/19/2013 - 20:39
Microsoft Security Intelligence Report 14 released
Post date: 05/13/2013 - 14:11
Israel sets up 'secret' diplomatic mission in Persian Gulf
Post date: 05/13/2013 - 13:45
Watch Dogs Game targets SCADA systems & shows cyberwarfare
Post date: 05/13/2013 - 13:32
DOD confirms China’s cyberwar strategy
Post date: 05/12/2013 - 23:16