New content

This commit is contained in:
Valentin Brandl 2021-11-30 20:00:15 +01:00
parent 50f765b91b
commit 0f105288b0
2 changed files with 13 additions and 0 deletions

View File

@ -142,6 +142,19 @@ The implementation of the concepts of this work will be done as part of \ac{bms}
\footnotetext{\url{https://github.com/Telecooperation/BMS}} \footnotetext{\url{https://github.com/Telecooperation/BMS}}
% TODO: reference for page rank
In an earlier project, I implemented different node ranking algorithms (among others \enquote{PageRank}~\cite{page_pagerank_1998}) to detect sensors and crawlers in a botnet, as described in \citetitle{karuppayah_sensorbuster_2017}.
The goal of this work is to complicate detection mechanisms like this for botmasters, by centralizing the coordination of the system's crawlers and sensors, thereby reducing the node's rank for specific graph metrics.
The final result should be as general as possible and not depend on any botnet's specific behaviour but it assumes, that every \ac{p2p} botnet has some kind of \enquote{getNeighbourList} method in the protocol, that allows other peers to request a list of active nodes to connect to.
In the current implementation, each sensor will itself visit and monitor each new node it finds.
The idea for this work is to report newfound nodes back to the \ac{bms} backend first, where the graph of the known network is created and a sensor is selected, so that the specific ranking algorithm doesn't calculate to a suspiciously high or low value.
That sensor will be responsible to monitor the new node.
If it is not possible, to select a specific sensor so that the monitoring activity stays inconspicuous, the coordinator can do a complete shuffle of all nodes between the sensors to restore the wanted graph properties or produce a warning that another sensor might be required to stay under the radar.
%}}} methodology %}}} methodology

Binary file not shown.