Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study

A.V. Kolesnichenko, Anne Katharina Ingrid Remke, Pieter-Tjerk de Boer, Boudewijn R.H.M. Haverkort, N. Thomas (Editor)

Research output: Other contribution

15 Citations (Scopus)

Abstract

Peer-to-peer botnets, as exemplified by the Storm Worm and Stuxnet, are a relatively new threat to security on the internet: infected computers automatically search for other computers to be infected, thus spreading the infection rapidly. In a recent paper, such botnets have been modeled using Stochastic Activity Networks, allowing the use of discrete-event simulation to judge strategies for combating their spread. In the present paper, we develop a mean-field model for analyzing botnet behavior and compare it with simulations obtained from the Möbius tool. We show that the mean-field approach provides accurate and orders-of- magnitude faster computation, thus providing very useful insight in spread characteristics and the effectiveness of countermeasures.
Original languageEnglish
PublisherSpringer Verlag
Number of pages15
Place of PublicationLondon
DOIs
Publication statusPublished - Oct 2011
Externally publishedYes

Keywords

  • METIS-281544
  • IR-78784
  • peer-to-peer botnet spread
  • EWI-20735
  • Mean-field approximation
  • differential equations
  • Simulation

Fingerprint Dive into the research topics of 'Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study'. Together they form a unique fingerprint.

  • Cite this

    Kolesnichenko, A. V., Remke, A. K. I., de Boer, P-T., Haverkort, B. R. H. M., & Thomas, N. (Ed.) (2011, Oct). Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study. London: Springer Verlag. https://doi.org/10.1007/978-3-642-24749-1_11