A Distributed Botnet Detecting Approach Based on Traffic Flow Analysis

Li Sheng, Liu Zhiming, He Jin, Deng Gaoming, Huang Wen
DOI: https://doi.org/10.1109/IMCCC.2012.36
2012-01-01
Abstract: Botnets are extremely harmful to computer network security and can cause many network attacks (such as spam, DDoS, and phishing). In this paper, we design a distributed botnet detection approach based on network traffic analysis. A botnet detection framework is proposed, which is composed of two sections: Data Collection and Filter, and Botnet Detection and Identify. The first section is deployed on distributed hosts in order to capture, filter, and classify network traffic data. The second section is deployed in a centralized place; it collects all data from the distributed hosts and detects the botnet using data amalgamation algorithms and characteristic identification algorithms. The detection approach works efficiently and can detect botnets in the experimental environment.