New Discovery of P2P Botnets Attack Pattern within Host-and-Network Atmosphere



Abstract


Attacks by advanced P2P botnets have become a critical threat to Internet security. Powerful botnets are now being created to be stronger and immune to prevention techniques. Hence, studies of attack patterns are required for detecting attacks and restructuring the security of a network that has been attacked. This paper proposes a new generalization of the P2P botnet attack pattern, conducted within the host and network environment. At each attack step, P2P botnets were investigated to identify their characteristics and behaviors. Detailed analyses of infected files were then conducted, covering both host logs and network logs at different OSI layers via a hybrid analyzer. This P2P botnet hybrid analyzer can be abstracted to form P2P botnet attack patterns. In addition, this paper verifies that the newly discovered attack pattern has achieved a new level of accuracy and efficiency. Furthermore, this P2P botnet attack pattern will be beneficial to P2P botnet detection and computer forensic investigation.
Copyright © 2013 Praise Worthy Prize - All rights reserved.

Keywords


P2P Botnets; P2P Botnets Attack Pattern; Botmaster Attack; P2P Botnets Host-Log; P2P Botnets Network Traffic



