P2P Botnets

Botnets pose a significant threat to the security of Internet based services and devices. The individual(s) behind these botnets, remotely control the infected devices to steal banking and personal information, distribute ransomware or conduct Distributed Denial of Service (DDoS) attacks against websites and other Internet based services, causing millions of dollars in damage every year.

Peer-to-Peer (P2P) botnets are among the most dangerous botnets, as they leverage P2P networks to communicate with and control the bots, providing resilience against disruption attempts and relative anonymity to the botmasters. The threat mitigation lifecycle against P2P botnets, consists of four phases: (1) Detection, (2) Reverse Engineering, (3) Monitoring and (4) Mitigation.Within this focus area, we address each of these phases and develop techniques to effectively manage transitions to the next phase.

We frequently have open topics within all four of these areas and encourage interested students to reach out to us. Useful skills include:

  • Reverse engineering
  • Programming in Python and Go
  • Interest and experience in (network) security