You are here

The Case for a Collaborative Universal Peer to Peer Botnet Investigation Framework


Mark Scanlon, Tahar Kechadi

Publication Type: 
Refereed Conference Meeting Proceeding
Peer to Peer (P2P) botnets are becoming widely used as a low overhead, efficient, self maintaining,distributed alternative to the traditional client/server model across a broad range of cyberattacks. These cyberattacks can take the form of distributed denial of service attacks, authentication cracking, spamming, cyberwarfare or malware distribution targeting on financial systems. These attacks can also cross over into the physical world attacking critical infrastructure causing its disruption or destruction (power, communications, water, etc.). P2P technology lends itself well to being exploited for such malicious purposes due to the minimal setup,running and maintenance costs involved in executing a globally orchestrated attack, alongside the perceived additional layer of anonymity. In the ever evolving space of botnet technology, reducing the time lag between discovering a newly developed or updated botnet system and gaining the ability to mitigate against it is paramount. Often, numerous investigative bodies duplicate their efforts in creating bespoke tools to combat particular threats. This paper outlines a framework capable of fast tracking the investigative process through collaboration between key stakeholders.
Conference Name: 
9th International Conference on Cyber Warfare and Security
9th International Conference on Cyber Warfare and Security
Digital Object Identifer (DOI):
Publication Date: 
Conference Location: 
United States of America
National University of Ireland, Dublin (UCD)
Open access repository: