Peer-to-peer botnets, as exemplified by the Storm Worm and
Stuxnet, are a relatively new threat to security on the internet: infected computers automatically search for other computers to be infected, thus spreading the infection rapidly. In a recent paper, such botnets have been modeled using Stochastic Activity Networks, allowing the use of discrete-event simulation to judge strategies for combating their spread. In the present paper, we develop a mean-field model for analyzing botnet behavior and compare it with simulations obtained from the Möbius tool. We show that the mean-field approach provides accurate and orders-of- magnitude faster computation, thus providing very useful insight in spread characteristics and the effectiveness of countermeasures.
|Name||Lecture Notes in Computer Science|
|Conference||8th European Performance Engineering Workshop, EPEW 2011, Borrowdale, United Kingdom|
|Period||1/10/11 → …|
- peer-to-peer botnet spread
- Mean-field approximation
- differential equations