Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study

A.V. Kolesnichenko, Anne Katharina Ingrid Remke, Pieter-Tjerk de Boer, Boudewijn R.H.M. Haverkort, N. Thomas (Editor)

Research output: Other contribution

16 Citations (Scopus)


Peer-to-peer botnets, as exemplified by the Storm Worm and Stuxnet, are a relatively new threat to security on the internet: infected computers automatically search for other computers to be infected, thus spreading the infection rapidly. In a recent paper, such botnets have been modeled using Stochastic Activity Networks, allowing the use of discrete-event simulation to judge strategies for combating their spread. In the present paper, we develop a mean-field model for analyzing botnet behavior and compare it with simulations obtained from the Möbius tool. We show that the mean-field approach provides accurate and orders-of- magnitude faster computation, thus providing very useful insight in spread characteristics and the effectiveness of countermeasures.
Original languageEnglish
PublisherSpringer Verlag
Number of pages15
Place of PublicationLondon
Publication statusPublished - Oct 2011
Externally publishedYes


  • METIS-281544
  • IR-78784
  • peer-to-peer botnet spread
  • EWI-20735
  • Mean-field approximation
  • differential equations
  • Simulation


Dive into the research topics of 'Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study'. Together they form a unique fingerprint.

Cite this