Design, deployment and use of HTTP-based botnet (HBB) testbed
Title | Design, deployment and use of HTTP-based botnet (HBB) testbed |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Alomari, E., Manickam, S., Gupta, B.B., Singh, P., Anbar, M. |
Conference Name | Advanced Communication Technology (ICACT), 2014 16th International Conference on |
Date Published | Feb |
Keywords | behavioural-based approaches, Botnet, botnet detection systems, Computer crime, Cyber Attacks, DDoS Attacks, distributed denial of service attacks, Floods, HBB testbed, http bot traces, HTTP flooding, HTTP-based botnet, HTTP-GET flooding method, Internet-connected computer programs, Intrusion detection, invasive software, Malware, real time HTTP-based botnet, Web access log, Web servers |
Abstract | Botnet is one of the most widespread and serious malware which occur frequently in today's cyber attacks. A botnet is a group of Internet-connected computer programs communicating with other similar programs in order to perform various attacks. HTTP-based botnet is most dangerous botnet among all the different botnets available today. In botnets detection, in particularly, behavioural-based approaches suffer from the unavailability of the benchmark datasets and this lead to lack of precise results evaluation of botnet detection systems, comparison, and deployment which originates from the deficiency of adequate datasets. Most of the datasets in the botnet field are from local environment and cannot be used in the large scale due to privacy problems and do not reflect common trends, and also lack some statistical features. To the best of our knowledge, there is not any benchmark dataset available which is infected by HTTP-based botnet (HBB) for performing Distributed Denial of Service (DDoS) attacks against Web servers by using HTTP-GET flooding method. In addition, there is no Web access log infected by botnet is available for researchers. Therefore, in this paper, a complete test-bed will be illustrated in order to implement a real time HTTP-based botnet for performing variety of DDoS attacks against Web servers by using HTTP-GET flooding method. In addition to this, Web access log with http bot traces are also generated. These real time datasets and Web access logs can be useful to study the behaviour of HTTP-based botnet as well as to evaluate different solutions proposed to detect HTTP-based botnet by various researchers. |
DOI | 10.1109/ICACT.2014.6779162 |
Citation Key | 6779162 |
- HTTP flooding
- Web servers
- Web access log
- real time HTTP-based botnet
- malware
- invasive software
- Intrusion Detection
- Internet-connected computer programs
- HTTP-GET flooding method
- HTTP-based botnet
- behavioural-based approaches
- http bot traces
- HBB testbed
- Floods
- distributed denial of service attacks
- DDoS Attacks
- Cyber Attacks
- Computer crime
- botnet detection systems
- botnet