| Abstract: | P2P Botnets are one of the most malevolent threats to the Internet users due to their resiliency against takedown efforts. In this paper, we propose a bot detection system that is capable of detecting stealthy bots in a network. This system treats network traffic as a data stream, segregating the traffic into two parallel streams. The detection is based on failure traffic and communication traffic. The traffic is analyzed during small time window, and the infected hosts are reported immediately. The network administrator can monitor the status of hosts in the network and can take the necessary action before the infected hosts harm the system or can involve in the attacks. Experiments and evaluation of the proposed system on a variety of P2P data transfer applications and P2P botnets have demonstrated high accuracy of detection. The scalability of the proposed system is exhibited through its implementation on Hadoop MapReduce. |
