Abstract

Using a massive number of coordinated and distributed machines, botnets have become one of the most sophisticated cyber threats. However, software-defined networking leads to more effective mitigation approaches by providing a flexible and dynamic way to control the network. Existing botnet detection approaches fail to detect unknown botnet threats and are time-consuming. These shortcomings motivate us to employ honeypots as a competent solution. We propose a novel blocking approach that uses honeypots to detect and efficiently prevent botnet propagation in software-defined networks. This approach identifies the relationship among botnet members and intelligently blocks them. We also design and implement a deception system based on our blocking approach with two goals: reducing the botnet infection rate and wasting the adversary’s time. Experimental results, which are based on real malware, show that our proposed system, compared with current blocking approaches, can reduce the infection rate by up to 25% and increase the adversary’s wasted time by a factor of four. Our system also provides satisfactory detection performance.
