AutoBotCatcher: Blockchain-based P2P Botnet Detection for the Internet of Things

by Gokhan Sagirlar, et al.

In general, a botnet is a collection of compromised internet computers, controlled by attackers for malicious purposes. To increase attacks' chance of success and resilience against defence mechanisms, modern botnets often have a decentralized P2P structure. Here, IoT devices are playing a critical role, becoming one of the major tools for malicious parties to perform attacks. Notable examples are the DDoS attacks on Krebs on Security and DYN, which were performed by IoT devices that were part of botnets. We take a first step towards detecting P2P botnets in IoT by proposing AutoBotCatcher, whose design is driven by the consideration that bots of the same botnet frequently communicate with each other and form communities. As such, the purpose of AutoBotCatcher is to dynamically analyze communities of IoT devices, formed according to their network traffic flows, to detect botnets. AutoBotCatcher exploits a permissioned Byzantine Fault Tolerant (BFT) blockchain as a state transition machine that allows a set of pre-identified parties to collaborate without trusting each other, in order to perform collaborative and dynamic botnet detection by collecting and auditing IoT devices' network traffic flows as blockchain transactions. In this paper, we focus on the design of AutoBotCatcher by first defining the blockchain structure underlying AutoBotCatcher, then discussing its components.
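The community idea in the abstract can be sketched as follows; this is an added example, not code from the paper or its authors. It assumes flows arrive as (source, destination) pairs and uses weighted label propagation as a stand-in community detector, since the abstract names no algorithm; the device names and flows are constructed, and the blockchain layer is left out.

```python
from collections import Counter, defaultdict

# Constructed sample flows (src, dst); device names are hypothetical.
FLOWS = (
    [("cam1", "cam2")] * 4 + [("cam2", "cam3")] * 3 + [("cam3", "cam1")] * 5
    + [("dvr1", "cam1")] * 3 + [("dvr1", "cam3")] * 2
    + [("bulb1", "hub")] * 4 + [("thermo1", "hub")] * 3
    + [("bulb1", "thermo1")] * 2
    + [("cam2", "hub")]  # one stray flow linking the two groups
)

def contact_graph(flows):
    """Undirected graph; edge weight = number of flows between two devices."""
    weights = Counter(frozenset(f) for f in flows if f[0] != f[1])
    graph = defaultdict(dict)
    for pair, w in weights.items():
        a, b = tuple(pair)
        graph[a][b] = w
        graph[b][a] = w
    return graph

def communities(graph, max_rounds=20):
    """Weighted label propagation (assumed detector), deterministic order."""
    label = {n: n for n in graph}
    for _ in range(max_rounds):
        changed = False
        for node in sorted(graph):
            score = Counter()
            for peer, w in graph[node].items():
                score[label[peer]] += w
            best = max(score.values())
            winners = sorted(l for l, s in score.items() if s == best)
            # Keep the current label on a tie so the labelling converges.
            if label[node] not in winners:
                label[node] = winners[0]
                changed = True
        if not changed:
            break
    groups = defaultdict(set)
    for node, l in label.items():
        groups[l].add(node)
    return sorted(sorted(g) for g in groups.values())
```

Re-running `communities` as new flows are appended shows the dynamic aspect: a device that starts exchanging many flows with an existing community is pulled into it.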




