New content

content.tex

@@ -142,6 +142,19 @@ The implementation of the concepts of this work will be done as part of \ac{bms}
 
 \footnotetext{\url{https://github.com/Telecooperation/BMS}}
 
+% TODO: reference for page rank
+In an earlier project, I implemented different node ranking algorithms (among others \enquote{PageRank}~\cite{page_pagerank_1998}) to detect sensors and crawlers in a botnet, as described in \citetitle{karuppayah_sensorbuster_2017}.
+
+The goal of this work is to complicate detection mechanisms like this for botmasters, by centralizing the coordination of the system's crawlers and sensors, thereby reducing the node's rank for specific graph metrics.
+
+The final result should be as general as possible and not depend on any botnet's specific behaviour but it assumes, that every \ac{p2p} botnet has some kind of \enquote{getNeighbourList} method in the protocol, that allows other peers to request a list of active nodes to connect to.
+
+In the current implementation, each sensor will itself visit and monitor each new node it finds.
+The idea for this work is to report newfound nodes back to the \ac{bms} backend first, where the graph of the known network is created and a sensor is selected, so that the specific ranking algorithm doesn't calculate to a suspiciously high or low value.
+That sensor will be responsible to monitor the new node.
+
+If it is not possible, to select a specific sensor so that the monitoring activity stays inconspicuous, the coordinator can do a complete shuffle of all nodes between the sensors to restore the wanted graph properties or produce a warning that another sensor might be required to stay under the radar.
+
 %}}} methodology