PhD Preliminary: Priyangika Piyasinghe

Tuesday, April 25, 2017 - 1:30pm
Event Type: 

Title: Data-driven Peer-to-Peer Botnet Detection in Waiting and Attacking Stages
Date/Time: April 25th, 2017 @ 1:30 PM
Place: 223 Atanasoff Hall 
Major Professor: Carl Chang, Morris Chang
Committee Members: Yong Guan, Simanta Mitra, Wensheng Zhang


Peer-to-Peer(P2P) botnet is one of the major threats in network security for serving as the infrastructure that is responsible for various cyber crimes. Enterprises routinely collect terabytes of security-relevant data. This work exploits such data to propose a novel large-scale P2P botnet detection that fuses big data behavioral analytics in conjunction with graph theoretical concepts.

P2P botnet lifecycle consists with the following stages: (a) Infection stage, during which the bot spreads, via email attachments, drive-by downloads, malicious software installation, etc.; (b) Rally stage, where the bot connects with a peer list and form P2P network; (c) Waiting stage, where the bot waits for the botmaster’s command; and (d) Executing stage, in which it actually attack carries out, such as a DDoS attack, generate mass of spam emails, etc. In this proposed work, we are focusing on detecting P2P botnet in last two stages. Future directions will also be discussed.

Piyasinghe Ph.d. Preliminary Oral Defense.pdf