REN Wei1, SONG Li-peng1, FENG Li-ping2
(1. School of Computer and Control Engineering, North University of China, Taiyuan 030051, China;2. Department of Computer Science and Technology, Xinzhou Teachers University, Xinzhou 034000, China)
Abstract: Peer-to-Peer (P2P) botnet has emerged as one of the most serious threats to Internet security. To effectively eliminate P2P botnet, a delayed SEIR model is proposed,which can portray the formation process of P2P botnet. Then, the local stability at equilibria is carefully analyzed by considering the eigenvalues’ distributed ranges of characteristic equations. Both mathematical analysis and numerical simulations show that the dynamical features of the proposed model rely on the basic reproduction number and time delay τ. The results can help us to better understand the propagation behaviors of P2P botnet and design effective counter-botnet methods.
Key words: Peer-to-Peer (P2P) botnet; stability; SEIR model; time delay
CLD number: TP393.08 Document code: A
Article ID: 1674-8042(2014)04-0062-06 doi: 10.3969/j.issn.1674-8042.2014.04.012
References
[1] SONG Li-peng, JIN Zhen, SUN Gui-quan. Modeling and analyzing of botnet interactions. Physica A, 2011, 390 (2): 347-358.
[2] ZHANG Wen-fang, JIN C. The research on approaches for botnet detection. Energy Procedia, 2011, 13: 9726-9732.
[3] Symantec Internet security threat report.[2014-06-12]. http:∥www.symantec.com/threatreport/topic.jsp?id=threatreport.
[4] Holz T, Steiner M, Dahl F, et al. Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm. In: Proceedings of the 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats, San Francisco, CA, 2008: 1-9.
[5] Ruitenbeek E V, Sanders W H. Modeling peer-to-peer botnets. In: Proceedings of the 5th International Conference on Quantitative Evaluation of Systems (QEST’08), St. Malo, France, 2008: 307-316.
[6] YAN Guan-hua, Ha D T, Eidenbenz S. AntBot: Anti-polllution peer-to-peer botnets. Computer Network: The International Journal of Computer and Telecommunications Networking, 2011, 55 (8): 1941-1956.
[7] Kolesnichenko A, Remke A, Boer P T, et al. Comparison of the mean-field approach and simulation in a peer-to-peer botnet case study. Computer Performance Engineering, 2011, 6977: 133-147.
[8] Schneider D. The state of network security. Network Security, 2012: 14-20.
[9] JIANG Hong-ling, SHAO Xiu-li. Detecting P2P botnets by discovering flow dependency in C & C traffic. Peer-to-Peer Network and Application, 2012: 1-12.
[10] HAN Qin-ting, YU Wen-qiu, ZHANG Yao-yao, et al. Model and evaluating of typical advanced Peer-to-Peer botnet. Performance Evaluation, 2014, 72: 1-15.
[11] YANG Lu-xing, YANG Xiao-fan. Propagation behavior of virus code in the situation that infected computers are connected to the Internet with possible probability. Discrete Dynamics in Nature and Society, 2012: 1-13. [doi:10.1155/2012/693695].
[12] HAN Xie, LI Yi-hong, FENG Li-ping, et al. Influence of removable devices’ heterouse on the propagation of malware. Discrete Dynamics in Nature and Society, 2013: 1-6. [doi:10.1155/2013/296940].
[13] LI Yi-hong, PAN Jin-xiao, SONG Li-peng, et al. The influence of user protection behaviors on the control of internet worm propagation. Discrete Dynamics in Nature and Society, 2013: 1-13. [doi:10.1155/2013/531781].
[14] SONG Li-peng, HAN Xie, LIU Dong-ming, et al. Adaptive human behavior in a two-worm interaction model. Discrete Dynamics in Nature and Society, 2012. [doi:10.1155/2012/828246].
[15] SONG Li-peng, JIN Zhen, SUN Gui-quan, et al. Influence of removable devices on computer worms: dynamic analysis and control strategies. Computers and Mathematics with Applications, 2011, 61: 1823-1829.
[16] ZHU Qing-yi, YANG Xiao-fan, YANG Lu-xing. A mixing propagation model of computer viruses and countermeasures. Nonlinear Dynamics, 2013, 73: 1433-1441.
[17] ZHU Qing-yi, YANG Xiao-fan, REN Jian-guo. Modeling and analysis of the spread of computer virus. Communications in Nonlinear Science and Numerical Simulation, 2012, 17: 5117-5124.
[18] ZHU Qing-yi, YANG Xiao-fan, YANG Lu-xing, et al. Optimal control of computer virus under a delayed model. Applied Mathematics and Computation, 2012, 218: 11613-11619.
[19] YANG Lu-xing, YANG Xiao-fan. The effect of infected external computers on the spread of viruses: A compartment modeling study. Physica A, 2013, 392: 6523-6535.
[20] YANG Lu-xing, YANG Xiao-fan. The spread of computer viruses over a reduced scale-free network. Physica A, 2014: 396: 173-184.
[21] Dagon D, Zou C C, Lee W K. Modeling botnet propagation using time zones. In: Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS’06), San Diego, CA, 2006: 235-249.
[22] Wang P, Aslam B, Zou C. Peer-to-Peer botnets: the next generation of botnet attacks. Orlando: University of Central Florida, 2010.
[23] FENG Li-ping, LIAO Xiao-feng, HAN Qi, et al. Dynamical analysis and control strategies on malware propagation model. Applied Mathematical Modeling, 2013, 37: 8225-8236.
[24] Hale J, Lunel S M V. Introduction to functional differential equations. Springer-Verlag, 1993.P2P
僵尸网络的新型数学模型
任玮1, 宋礼鹏1, 冯丽萍2
(1. 中北大学 计算机与控制工程学院, 山西 太原 030051; 2. 忻州师范学院 计算机科学与技术系, 山西 忻州 034000)
摘要:P2P 僵尸网络已成为互联网安全领域最严重的威胁之一。 为了有效地遏制P2P僵尸网络, 本文提出刻画 P2P 僵尸网络形成过程的一种新模型, 该模型是带时滞的 SEIR 模型。 基于特征方程特征值的分布范围, 分析了模型在平衡点的局部稳定性。 理论分析和数值模拟结果都表明, 该时滞模型的动力学特征依赖于基本再生数 R0 和时间延迟 τ。 本文的结果有助于更好地了解 P2P 僵尸网络的传播行为, 并据此设计有效的反制措施。
关键词:P2P 僵尸网络; 稳定性; SEIR 模型; 时滞
引用格式:REN Wei, SONG Li-peng, FENG Li-ping. A novel mathematical model on Peer-to-Peer botnet. Journal of Measurement Science and Instrumentation, 2014, 5(4): 62-67. [doi: 10.3969/j.issn.1674-8042.2014.04.012]
[full text view]