
WARDOG: Awareness Detection Watchdog for Botnet Infection on the Host Device.

Hatzivasilis, G., Soultatos, O., Chatziadam, P., Fysarakis, K., Askoxylakis, I., Ioannidis, S., Alexandris, G., Katos, V. and Spanoudakis, G., 2021. WARDOG: Awareness Detection Watchdog for Botnet Infection on the Host Device. IEEE Transactions on Sustainable Computing, 6 (1), 4 - 18.

Full text available as: IEEE I-SUSC - WARDOG_v6 - Revision 2.pdf - Accepted Version (PDF, 1MB)
Available under License Creative Commons Attribution Non-commercial.

DOI: 10.1109/TSUSC.2019.2914917

Abstract

Botnets are nowadays one of the most dangerous security threats worldwide. High volumes of infected machines are controlled by a malicious entity and perform coordinated cyber-attacks. The problem will become even worse in the era of the Internet of Things (IoT), as the number of insecure devices is going to increase exponentially. This paper presents WARDOG - an awareness and digital forensic system that informs the end-user of the botnet infection, exposes the botnet infrastructure, and captures verifiable data that can be used in a court of law. The responsible authority gathers all information and automatically generates a unified document for the case. The document contains undisputed forensic information, tracking all involved parties and their role in the attack. The deployed security mechanisms and the overall administration setting ensure non-repudiation of performed actions and enforce accountability. The provided properties are verified through theoretical analysis. In a simulated environment, the effectiveness of the proposed solution in mitigating botnet operations is also tested against real attack strategies captured by the FORTHcert honeypots, outperforming state-of-the-art solutions. Moreover, a preliminary version is implemented on real computers and IoT devices, highlighting the low computational and communication overheads of WARDOG in the field.

Item Type: Article
ISSN: 2377-3782
Additional Information: European Union Horizon 2020 research and innovation programme H2020-DS-SC7-2017 (Grant Number: 786890)
Uncontrolled Keywords: Computer crime, forensic, intrusion detection, intrusion prevention, network security, security management
Group: Faculty of Science & Technology
ID Code: 36306
Deposited By: Symplectic RT2
Deposited On: 29 Nov 2021 10:44
Last Modified: 14 Mar 2022 14:30
