New P2P Botnets Classification And Detection Framework

Botnets are a tool for high-profile cyber-attacks. A botnet is a collection of compromised computers infected with advanced malware that allows an attacker to control them remotely. Some botnets use Peer-to-Peer (P2P) protocols and P2P technology to control computers and exploit users. They a...

Bibliographic Details
Main Author: Abdullah, Raihana Syahirah
Format: Thesis
Language: English
Published: UTeM 2016
Subjects:
Online Access: http://eprints.utem.edu.my/id/eprint/18573/1/New%20P2P%20Botnets%20Classification%20And%20Detection%20Framework%2024%20Pages.pdf
http://eprints.utem.edu.my/id/eprint/18573/2/New%20P2P%20Botnets%20Classification%20And%20Detection%20Framework.pdf
http://eprints.utem.edu.my/id/eprint/18573/
https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=101738
Institution: Universiti Teknikal Malaysia Melaka
id my.utem.eprints.18573
record_format eprints
spelling my.utem.eprints.18573 2021-10-10T16:38:50Z
Thesis, NonPeerReviewed
Abdullah, Raihana Syahirah (2016) New P2P Botnets Classification And Detection Framework. Doctoral thesis, Universiti Teknikal Malaysia Melaka.
HF5351.M34 2016
institution Universiti Teknikal Malaysia Melaka
building UTEM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknikal Malaysia Melaka
content_source UTEM Institutional Repository
url_provider http://eprints.utem.edu.my/
language English
topic T Technology (General)
TK Electrical engineering. Electronics Nuclear engineering
description Botnets are a tool for high-profile cyber-attacks. A botnet is a collection of compromised computers infected with advanced malware that allows an attacker to control them remotely. Some botnets use Peer-to-Peer (P2P) protocols and P2P technology to control computers and exploit users. They are known as P2P botnets. The unification of botnets and P2P technology makes them more powerful and more robust against detection. The latest P2P botnets have caused crisis and chaos in network security. To deal with the issue, a framework is needed to illustrate and explain the modules, terminologies and procedures that are important parts of implementing the detection. However, current P2P botnet detection frameworks are still not comprehensive enough to recognize the emergence of the latest P2P botnets, which cause financial loss and data damage to an organization's network. Previous frameworks are incomplete and contain many limitations that require improvement. Lower detection rates and higher false alarms increase the failure of botnet detection. Hence, higher false alarms significantly reduce the effectiveness of detection. Given the issues faced in identifying P2P botnet activities, the main objective of this research is to enhance the P2P botnet detection framework using an integrated approach. A complete analysis flow is performed to detect and classify P2P botnets by adopting an integrated analyser and integrated analysis. Besides developing a new framework, the research analysis classifies the behaviour of P2P botnets in order to differentiate between normal P2P and P2P botnets. Through classification, this research introduces a generic P2P attack pattern and a P2P behavioural model. Both the generic P2P attack pattern and the P2P behavioural model are then applied to develop the integrated approach that is used to validate the new P2P botnet detection. In evaluation and validation, the results showed that the new P2P botnet detection framework effectively obtained high accuracy, high detection rates and lower false alarms. Significantly, the process of finding, identifying, classifying and detecting the P2P botnets was carried out in collaboration with Cyber Security Malaysia. Hence, this research introduces an enhanced framework to detect P2P botnet activities, validated by an integrated approach, that helps network administrators identify the existence of P2P botnets.
format Thesis
author Abdullah, Raihana Syahirah
title New P2P Botnets Classification And Detection Framework
publisher UTeM
publishDate 2016