

On Botnet Detection in Networks, based on Traffic Monitoring
Botnets are a serious and widespread form of attack in cyber security. Using command-and-control infrastructure or peer-to-peer communication between bots, botmasters can perform a variety of attacks on users of Internet systems. To mitigate this, multiple techniques for botnet detection have been developed over the past two decades. In this paper we discuss various botnet structures and the different botnet detection techniques proposed in the literature. We evaluate these techniques based on their distinctive features and present a detailed comparative analysis. We also propose a method for botnet detection using network traffic monitoring. Our approach combines signature and anomaly detection systems that complement each other. The proposed hybrid detection system may decrease the false positive rate of anomaly detection by finding well-known bots using signature detection, and may thereby increase overall detection efficiency.
Keywords
Botnet, Malicious Activities, P2P, Anomaly Detection.
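
An added example, not code from the paper: one way to arrange the two stages the abstract describes, with signature matching run first and anomaly scoring applied only to the hosts it leaves unmatched. The indicator list, the distinct-destination feature, the median/MAD score with its threshold, and the flow records are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed indicators for known bot C2 endpoints (documentation address ranges).
KNOWN_C2 = {("192.0.2.10", 6667), ("198.51.100.7", 8080)}

def signature_stage(flows):
    """Hosts with at least one flow to a known C2 endpoint."""
    return {f["src"] for f in flows if (f["dst"], f["dport"]) in KNOWN_C2}

def fanout(flows, skip=frozenset()):
    """Distinct destinations per source host (assumed feature), ignoring hosts in `skip`."""
    peers = defaultdict(set)
    for f in flows:
        if f["src"] not in skip:
            peers[f["src"]].add(f["dst"])
    return {host: len(dsts) for host, dsts in peers.items()}

def anomaly_stage(features, threshold=3.5):
    """Hosts whose feature has a modified z-score (median/MAD) above `threshold`."""
    vals = list(features.values())
    if len(vals) < 3:          # too few hosts to form a baseline
        return set()
    med = median(vals)
    mad = median(abs(v - med) for v in vals) or 1.0   # floor avoids division by zero
    return {h for h, v in features.items() if 0.6745 * (v - med) / mad > threshold}

def hybrid_detect(flows):
    """Signature stage first; anomaly stage scores only the hosts it did not match."""
    known = signature_stage(flows)
    suspects = anomaly_stage(fanout(flows, skip=known))
    return known, suspects

def make_flows():
    """Constructed sample: four ordinary hosts, one known bot, one unknown high-fan-out host."""
    flows = []
    def add(src, n):
        flows.extend({"src": src, "dst": f"203.0.113.{i}", "dport": 443} for i in range(1, n + 1))
    for host, n in [("10.0.0.1", 3), ("10.0.0.2", 4), ("10.0.0.3", 2), ("10.0.0.4", 5)]:
        add(host, n)
    add("10.0.0.5", 25)
    flows.append({"src": "10.0.0.5", "dst": "192.0.2.10", "dport": 6667})
    add("10.0.0.6", 30)
    return flows

if __name__ == "__main__":
    known, suspects = hybrid_detect(make_flows())
    print("signature hits:", sorted(known))
    print("anomaly hits:  ", sorted(suspects))
```

Hosts matched by signature are reported with a definite identification and kept out of the population the anomaly stage scores, so anomaly alerts are raised only for hosts with no known indicator.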