Some content

Valentin Brandl 2021-12-07 17:42:39 +01:00
parent 0c4539ba40
commit ce3c56af72


@ -140,9 +140,11 @@ There are three subtypes auf active detection:
\end{itemize}
%}}} detection criteria
%}}} introduction
%{{{ methodology
\subsection{Methodology}
\section{Methodology}
The implementation of the concepts of this work will be done as part of \ac{bms}\footnotemark, a monitoring platform for \ac{p2p} botnets described by \citeauthor{bock_poster_2019} in~\cite{bock_poster_2019}.
\Ac{bms} uses a hybrid active approach of crawlers and sensors (reimplementations of the \ac{p2p} protocol of a botnet, that won't perform malicious actions) to collect live data from active botnets.
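Review bot: At the Methodology heading, both `\subsection{Methodology}` and `\section{Methodology}` are visible, so confirm that only the `\section` line survives and the heading is not emitted twice. With `%}}} introduction` closing the fold directly above `%{{{ methodology`, the methodology fold now sits outside the introduction fold, which should be kept consistent through the rest of the file. While this area is being touched, the line quoted in the hunk header reads "There are three subtypes auf active detection", where "auf" should be "of".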
@ -162,9 +164,41 @@ That sensor will be responsible to monitor the new node.
If it is not possible, to select a specific sensor so that the monitoring activity stays inconspicuous, the coordinator can do a complete shuffle of all nodes between the sensors to restore the wanted graph properties or warn if more sensors are required to stay undetected.
%{{{ primitives
\subsection{Protocol Primitives}
The coordination protocol must allow the following operations:
%{{{ sensor to backend
\subsubsection{Sensor to Backend}
\begin{itemize}
\item \mintinline{go}{registerSensor(capabilities)}: Register new sensor with capabilities (which botnet, available bandwidth, \ldots)
\item \mintinline{go}{unreachable(targets)}:
\end{itemize}
%}}} sensor to backend
%{{{ backend to sensor
\subsubsection{Backend to Sensor}
\begin{itemize}
\item \mintinline{go}{startCrawling(targets)}: Start crawling a batch of nodes for a specified time or until stopped, with \mintinline{go}{targets} being a list of targets and each target consists of a botnet identifier, IP address, port, bot identifier, how long and how often this bot should be monitored
\item \mintinline{go}{stopCrawling(targets)}: Stop crawling a batch of nodes
\end{itemize}
%}}} backend to sensor
%}}} primitives
%}}} methodology
%}}} introduction
% vim: set filetype=tex ts=2 sw=2 tw=0 et foldmethod=marker spell :
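Review bot: The `\item \mintinline{go}{unreachable(targets)}:` entry in the Sensor to Backend list ends at the colon with no description, so the primitive is undefined; state what a sensor reports with it and what the backend is expected to do in response. `startCrawling(targets)` spells out the fields of a target, but `stopCrawling(targets)` and `unreachable(targets)` do not say whether they take the same structure or only an identifier. `registerSensor(capabilities)` takes only capabilities, so it would help to say how the backend tells a legitimate sensor from an arbitrary client. The trailing `%}}} introduction` after `%}}} methodology` has no matching opener once the introduction fold is closed before `%{{{ methodology`, so one of the two closing markers should go.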