98級-廖紋淇-P2P Botnet之規模估計

98級-廖紋淇-P2P Botnet之規模估計

[ 摘要 ]
年來傀儡網路已成為網際網路安全的威脅，攻擊者能控制大量的電腦，以發動各種不同的攻擊，如DDoS攻擊、濫發垃圾郵件、竊取個資等。
Botnet的規模大小是評估其威脅的關鍵指標，愈大的Botnet其所帶來的威脅也愈大。
如何去估計Botnet的規模，也成為資安研究的一個重要議題。本研究提出一個利用P2P Botnet中，每個節點都會持有Botnet中部分成員的節點資訊之特性，以重複捕取法取樣估計的模式來估計P2P Botnet的規模。

[ 英文摘要 ]
In recent years, Botnets have become major security threats in Internet, since the attacker can control a large number of bots. Attackers primarily use them for DDoS attacks, e-mail spamming, or massive personal information theft.

The size of a Botnet is a key index to estimate the threat of a botnet. The larger size of a Botnet, the more devastating these attacks can be. To estimate the size of a botnet becomes an important issue in Internet security. In P2P Botnet, every bot peer holds information about some other bot peers. In this study, we utilize this characteristic and capture-recapture technique to estimate the size of a P2P botnet.