Generalized extensions for botnet detection

Abstract

Along with the improvement of computer technologies, there is a significant change in the threat landscape. Large scale attacks and digital criminal activities have exposed the Internet to serious security breaches, and alarmed the world regarding cyber-crime. The core of these problems are the so called botnets. Botnets have a dynamic and flexible nature. The Bot-masters, who are controlling the botnets, update the bots and change their codes day by day to avoid the traditional detection methods such as signature-based anti-viruses. Additionally, various techniques are employed by Bot-masters to make their botnets undetectable as long as possible. Recent botnets consist of millions of infected machines, making use of this attack vector inevitably harmful. A better understanding of botnets will help to coordinate and develop new technologies to counter this serious security threat. The effort of the research is to analyze the behavior, possible countermeasures and preventive procedures of botnets; and come up with Generalized Extensions for Botnet Detection to detect botnets on computer networks. The proposed Generalized Extensions for Botnet Detection provides a model to detect botnets.