Title: Botnets Detection Using Message Sniffing

Year of Publication: Jun - 2014
Page Numbers: 40-45
Authors: Walid Al-Ahmad , Ayat Al-Ahmad
Conference Name: The International Conference on Digital Security and Forensics (DigitalSec2014)
- Czech Republic

Abstract:


A botnet is a large number of compromised computers which are used to create and send spam, viruses or a flood of network messages as a distributed denial of service attack for different purposes such as curiosity or identity theft among others. The growing popularity of botnets compels to find proper countermeasures, while existing defense mechanisms can hardly keep pace with the progress of botnet technologies. The aim of this paper is to develop a botnet detection technique by implementing a botnet application, based on the TCP protocol, to capture and filter a packet header in a local network. This sniffer application also provides a statistical chart that shows malicious bots featured messages.