Hatzivasilis, G., Soultatos, O., Chatziadam, P., Fysarakis, K., Askoxylakis, I., Ioannidis, S., Alexandris, G., Katos, V. and Spanoudakis, G., 2021. WARDOG: Awareness Detection Watchdog for Botnet Infection on the Host Device. IEEE Transactions on Sustainable Computing, 6 (1), 4 - 18.
Full text available as: PDF, IEEE I-SUSC - WARDOG_v6 - Revision 2.pdf (Accepted Version, 1MB). Available under License Creative Commons Attribution Non-commercial.
Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material.
DOI: 10.1109/TSUSC.2019.2914917
Abstract
Botnets nowadays constitute one of the most dangerous security threats worldwide. High volumes of infected machines are controlled by a malicious entity and perform coordinated cyber-attacks. The problem will become even worse in the era of the Internet of Things (IoT), as the number of insecure devices is going to increase exponentially. This paper presents WARDOG, an awareness and digital forensic system that informs the end-user of the botnet's infection, exposes the botnet infrastructure, and captures verifiable data that can be utilized in a court of law. The responsible authority gathers all information and automatically generates a unitary documentation for the case. The document contains undisputed forensic information, tracking all involved parties and their role in the attack. The deployed security mechanisms and the overall administration setting ensure non-repudiation of performed actions and enforce accountability. The provided properties are verified through theoretical analysis. In a simulated environment, the effectiveness of the proposed solution in mitigating the botnet operations is also tested against real attack strategies that have been captured by the FORTHcert honeypots, overcoming state-of-the-art solutions. Moreover, a preliminary version is implemented in real computers and IoT devices, highlighting the low computational/communicational overheads of WARDOG in the field.
Item Type: | Article |
---|---|
ISSN: | 2377-3782 |
Additional Information: | European Union's Horizon 2020 research and innovation programme H2020-DS-SC7-2017 (Grant Number: 786890) |
Uncontrolled Keywords: | Computer crime, forensic, intrusion detection, intrusion prevention, network security, security management |
Group: | Faculty of Science & Technology |
ID Code: | 36306 |
Deposited By: | Symplectic RT2 |
Deposited On: | 29 Nov 2021 10:44 |
Last Modified: | 14 Mar 2022 14:30 |