A revised ant colony optimization scheme for discovering attack paths of botnet

Ping Wang, Hui Tang Lin, Tzy Shiah Wang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

IP traceback technique is an effective method to find either the attack origin or command-and-control (C&C) server on the Internet. The traditional ACO (ant colony optimization) constantly converged to a local minimum solution easily such that the global most portable of the final solution might be missed. Accordingly, the present study proposes a modified ACS (ant colony system) scheme designated as ACS-IPTBK to solve the IP traceback problem, predict both the most probable attack path and the computational resources needed in botnets. The ability of the ants to search all feasible attack paths is enhanced by means of a global heuristics. A series of ns2 simulations are performed to investigate the minimum resources required to successfully reconstruct the attack path. The convergence time for attack paths of different routing distances were investigated using a random graph generator based on Waxman's scheme. Overall, the results confirm that the proposed method provides an effective means of reconstructing the path between the attacker and the victim based on the incomplete routing information from the related ISPs.

Original languageEnglish
Title of host publicationProceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Pages918-923
Number of pages6
DOIs
Publication statusPublished - 2011 Dec 1
Event2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011 - Tainan, Taiwan
Duration: 2011 Dec 72011 Dec 9

Publication series

NameProceedings of the International Conference on Parallel and Distributed Systems - ICPADS
ISSN (Print)1521-9097

Other

Other2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
CountryTaiwan
CityTainan
Period11-12-0711-12-09

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture

Fingerprint Dive into the research topics of 'A revised ant colony optimization scheme for discovering attack paths of botnet'. Together they form a unique fingerprint.

Cite this