A Survey of Botnet Detection Techniques by Command and Control Infrastructure

Thomas Hyslip, Jason Pittman
2015 Journal of Digital Forensics, Security and Law  
Botnets have evolved to become one of the most serious threats to the Internet and there is substantial research on both botnets and botnet detection techniques. This survey reviewed the history of botnets and botnet detection techniques. The survey showed traditional botnet detection techniques rely on passive techniques, primarily honeypots, and that honeypots are not effective at detecting peer-to-peer and other decentralized botnets. Furthermore, the detection techniques aimed at
... ed and peer-to-peer botnets focus on detecting communications between the infected bots. Recent research has shown hierarchical clustering of flow data and machine learning are effective techniques for detecting botnet peer-to-peer traffic.
doi:10.15394/jdfsl.2015.1195 fatcat:nqnh3reh3fcz3i53fuf5rzan4a