Bot_CODA:botnet collaborative detection architecture

Towards the deficiencies of collaborative functions in existing botnet detection architectures, a hierarchical collaborative model was proposed.The model shares information and cooperates in the three levels of information, fea-ture, and decision-making.On the basis of the proposed model, a botnet collaborative detection architecture(Bot_CODA) was proposed.With a novel feature extraction module, the architecture was able to extract the intrinsic features of botnet from a variety of data sets.The analysis of a representative case indicates that Bot_CODA improves detection accuracy and enhances detection capability.