International Journal of Advanced Networking and Applications

Open Access Open Access  Restricted Access Subscription Access

A Distributed and Co-Operative Approach To Botnet Detection Using Gossip Protocol


Affiliations
1 Computer Science Department, VJTI, Mumbai, India
 

Bots, in recent times, have posed a major threat to enterprise networks. With the distributed nature of the way in which botnets operate, the problems faced by enterprises have become acute. A bot is a programme that operates as an agent for a user and runs automated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of bots in a network, used for malicious purposes, is referred to as a botnet. In this paper we suggested a distributed, co-operative approach towards detecting botnets is a given network which is inspired by the gossip protocol. Each node in a given network runs a standalone agent that computes a suspicion value for that node after regular intervals. Each node in the network exchanges its suspicion values with every other node in the network at regular intervals. The use of gossip protocol ensures that if a node in the network is compromised, all other nodes in the network are informed about it as soon as possible. Each node also ensures that at any instance, by means of the gossip protocol, it maintains the latest suspicion values of all the other nodes in the network.

Keywords

Gossip List, Gossip Protocol, Stand-Alone Agent, Suspicion Matrix, Suspicion Vector.
User
Notifications
Font Size

Abstract Views: 262

PDF Views: 0




  • A Distributed and Co-Operative Approach To Botnet Detection Using Gossip Protocol

Abstract Views: 262  |  PDF Views: 0

Authors

Manoj Rameshchandra Thakur
Computer Science Department, VJTI, Mumbai, India

Abstract


Bots, in recent times, have posed a major threat to enterprise networks. With the distributed nature of the way in which botnets operate, the problems faced by enterprises have become acute. A bot is a programme that operates as an agent for a user and runs automated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of bots in a network, used for malicious purposes, is referred to as a botnet. In this paper we suggested a distributed, co-operative approach towards detecting botnets is a given network which is inspired by the gossip protocol. Each node in a given network runs a standalone agent that computes a suspicion value for that node after regular intervals. Each node in the network exchanges its suspicion values with every other node in the network at regular intervals. The use of gossip protocol ensures that if a node in the network is compromised, all other nodes in the network are informed about it as soon as possible. Each node also ensures that at any instance, by means of the gossip protocol, it maintains the latest suspicion values of all the other nodes in the network.

Keywords


Gossip List, Gossip Protocol, Stand-Alone Agent, Suspicion Matrix, Suspicion Vector.