Title: Discovering P2P Botnets Behaviors in Skype Application using Machine Learning Approach

Issue Number: Vol. 8, No. 1
Year of Publication: March - 2019
Page Numbers: 15-22
Authors: Raihana Syahirah Abdullah, Faizal M.A., Anis Farhani
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong

Abstract:


Skype is one of the most used P2P applications on the Internet: VoIP calls, instant messaging, SMS and other features are provided at a low cost to millions of users. Although Skype is a closed source application, an API allows developers to build custom plugins which interact over the Skype network, taking advantage of its reliability and capability to easily bypass firewalls and NAT devices. Since the protocol is completely undocumented, Skype traffic is particularly hard to analyse and to reverse engineer. This paper will focus more on Skype application which is to monitor the normal and abnormal on its network traffic. The case of the "Skype worm" proved to have a high propagation rate, which is spreading almost exponentially during the first days of operation, considering that, as each new person became a victim, all his or her contacts on Skype, Gtalk and other instant messaging systems received these same malicious links.