The Case for a Collaborative Universal Peer-to-Peer Botnet Investigation Framework
25 March 2014
18T13:26:42Z January 2016
Peer to Peer (P2P) botnets are becoming widely used as a low overhead, efficient, self maintaining, distributed alternative to the traditional client/server model across a broad range of cyberattacks. These cyberattacks can take the form of distributed denial of service attacks, authentication cracking, spamming, cyberwarfare or malware distribution targeting on financial systems. These attacks can also cross over into the physical world attacking critical infrastructure causing its disruption or destruction (power, communications, water, etc.). P2P technology lends itself well to being exploited for such malicious purposes due to the minimal setup, running and maintenance costs involved in executing a globally orchestrated attack, alongside the perceived additional layer of anonymity. In the ever evolving space of botnet technology, reducing the time lag between discovering a newly developed or updated botnet system and gaining the ability to mitigate against it is paramount. Often, numerous investigative bodies duplicate their efforts in creating bespoke tools to combat particular threats. This paper outlines a framework capable of fast tracking the investigative process through collaboration between key stakeholders.
Irish Research Council
Intel Ireland Ltd.
Type of Material
Academic Conferences and Publishing International Limited
Status of Item
9th International Conference on Cyber Warfare and Security (ICCWS-2014), CERIAS, Purdue University, Indiana, USA, 24 - 25 March 2014
This item is made available under a Creative Commons License