Overview of Botnet Detection

Wang Hailong, Gong Zhenghu, and Hou Jie

Journal of Computer Research and Development > 2010 > 47(12): .

Wang Hailong, Gong Zhenghu, and Hou Jie. Overview of Botnet Detection[J]. Journal of Computer Research and Development, 2010, 47(12).

Citation:

Wang Hailong, Gong Zhenghu, and Hou Jie. Overview of Botnet Detection[J]. Journal of Computer Research and Development, 2010, 47(12).

Citation:

Wang Hailong, Gong Zhenghu, and Hou Jie. Overview of Botnet Detection[J]. Journal of Computer Research and Development, 2010, 47(12).

PDF (1515 KB)

Overview of Botnet Detection

Wang Hailong, Gong Zhenghu, and Hou Jie

(College of Computer, National University of Defense Technology, Changsha 410073)

More Information

Published Date: December 14, 2010

Graphical Abstract

Abstract

Abstract

With the rapid development of botnet, the Internet has been facing the growing and disastrous threats. These threats can disable the infrastructure and cause the financial damages, which leads to a severe challenge for the global network security. In order to defense and counter the botnet, the detection is absolutely the basis. Therefore, the research on botnet detection has recently become a hot topic in the field of network security. After analyzing the proposed detection techniques, the authors present the basic process of botnet detection, and make classification for these techniques. Furthermore, according to the different stages of the life cycle of botnet, i.e., propagation, infection, communication and attack, they go into detail about main idea, detection process, merits and shortcomings of the existing techniques. Then, they summarize the approaches and the corresponding algorithms used in the detection techniques, propose the evaluation indices in the six dimensions of source, scope, real-time, accuracy, applicability and flexibility, and compare the representative techniques based on these indices. Later, they discuss the key issues of botnet detection in the fields of multi-source information collection and fusion, essential feature extraction, detection of communication and behavior, correlation analysis and detection architecture. Finally, future research trends are reviewed.
- botnet detection,
- botnet,
- network security,
- life cycle,
- evaluation index

FullText(HTML)

References (0)

[1]	Hou Bingnan, Liu Ning, Li Xionglüe, Zhou Tongqing, Chen Yingwen, Cai Zhiping, Lu Kai. Survey on Target-Generated IPv6 Network Address Scanning[J]. Journal of Computer Research and Development, 2024, 61(9): 2307-2320. DOI: 10.7544/issn1000-1239.202330335
[2]	Chen Xiaofeng, Song Zhaoxiong, Zheng Peiyu, Zhang Jun, Yu Zhi, Sun Yi. A Multichain-Collaborating Governing Chain-Supervising-Chain Supervision Framework[J]. Journal of Computer Research and Development, 2024, 61(9): 2290-2306. DOI: 10.7544/issn1000-1239.202330279
[3]	Duan Tiantian, Guo Yi, Li Bo, Zhang Hanwen, Song Zhaoxiong, Li Zhongcheng, Zhang Jun, Sun Yi. PieBridge：An On-Demand Scalable Cross-Chain Architecture[J]. Journal of Computer Research and Development, 2023, 60(11): 2520-2533. DOI: 10.7544/issn1000-1239.202230284
[4]	Chen Liangyin, Li Zhanghua, Wang Chaolong, Zhang Jingyu, Yan Bingshu, Liu Yan, Yin Feng, Chen Pengpeng. RBSA: Repeatedly-Woken Based Scanning Algorithm for Road Network Surveillance[J]. Journal of Computer Research and Development, 2014, 51(5): 974-983.
[5]	Bao Xiao'an, Yao Lan, Zhang Na, and Song Jinyu. Adaptive Software Testing Based on Controlled Markov Chain[J]. Journal of Computer Research and Development, 2012, 49(6): 1332-1338.
[6]	Wang Weizheng, Kuang Jishun, You Zhiqiang, Liu Peng. A Low-Power and Low-Cost BIST Scheme Based on Capture in Turn of Sub-Scan Chains[J]. Journal of Computer Research and Development, 2012, 49(4): 864-872.
[7]	Guo Chi, Wang Lina, Guan Yiping, Zhang Xiaoying. A Network Immunization Strategy Based on Dynamic Preference Scan[J]. Journal of Computer Research and Development, 2012, 49(4): 717-724.
[8]	Zhou Yong, Xia Shixiong, Ding Shifei, Zhang Lei, Ao Xin. An Improved APIT Node Self-Localization Algorithm in WSN Based on Triangle-Center Scan[J]. Journal of Computer Research and Development, 2009, 46(4): 566-574.
[9]	Dong Jie, Hu Yu, Han Yinhe, Li Xiaowei. A Multiple-Scan-Chain Test Approach Based on Combinational Decompression Circuits[J]. Journal of Computer Research and Development, 2006, 43(6): 1001-1007.
[10]	Liu Lijun and Huai Jinpeng. Research of a Network Scan Detection Algorithm Based on the FSA Model[J]. Journal of Computer Research and Development, 2006, 43(3): 417-422.