This study evaluates botnet behavior and lays the foundation for the development of a tool that generates simulated botnet traffic for investigating the properties of botnets in large-scale networks. Botnets create widespread security and data safety issues and are effective tools for propagating cyber-crime. It is imperative for the IT community to develop effective means of detecting and mitigating the malicious behavior of botnets. This study enables the investigator: (a) to model the behavior of bots and botnet controllers via state transition diagrams and lifecycle flowcharts; (b) to generate simulated network flow data equivalent to the behavior of a botnet controller or "bots", and of hosts under attack; and (c) to study botnet topologies, behavior, and lifecycle events and actions.