Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study

A.V. Kolesnichenko, Anne Katharina Ingrid Remke, Pieter-Tjerk de Boer, Boudewijn R.H.M. Haverkort

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    15 Citations (Scopus)
    30 Downloads (Pure)

    Abstract

    Peer-to-peer botnets, as exemplified by the Storm Worm and Stuxnet, are a relatively new threat to security on the internet: infected computers automatically search for other computers to be infected, thus spreading the infection rapidly. In a recent paper, such botnets have been modeled using Stochastic Activity Networks, allowing the use of discrete-event simulation to judge strategies for combating their spread. In the present paper, we develop a mean-field model for analyzing botnet behavior and compare it with simulations obtained from the Möbius tool. We show that the mean-field approach provides accurate and orders-of- magnitude faster computation, thus providing very useful insight in spread characteristics and the effectiveness of countermeasures.
    Original languageUndefined
    Title of host publicationProceedings of the 8th European Performance Engineering Workshop, EPEW 2011
    EditorsN. Thomas
    Place of PublicationLondon
    PublisherSpringer
    Pages133-147
    Number of pages15
    DOIs
    Publication statusPublished - Oct 2011

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume6977
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Keywords

    • METIS-281544
    • IR-78784
    • peer-to-peer botnet spread
    • EWI-20735
    • Mean-field approximation
    • differential equations
    • Simulation

    Cite this

    Kolesnichenko, A. V., Remke, A. K. I., de Boer, P-T., & Haverkort, B. R. H. M. (2011). Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study. In N. Thomas (Ed.), Proceedings of the 8th European Performance Engineering Workshop, EPEW 2011 (pp. 133-147). (Lecture Notes in Computer Science; Vol. 6977). London: Springer. https://doi.org/10.1007/978-3-642-24749-1_11