A botnet is a network of compromised machines that communicate and coordinate their actions through a Command & Control (C&C) channel or by passing messages to one another (the C&C may be built into the botnet as a P2P overlay). Many host-based and network-based approaches have been proposed to detect botnets, using signature-based, anomaly-based, data-mining and similar techniques. Most of these approaches are not highly effective at detecting decentralized (P2P, FastFlux) botnets that use encryption, in real time. By the time such approaches detect the botnet, considerable financial loss, data leakage and other damage has already occurred. Therefore, work out novel approaches for real-time detection of sophisticated and advanced botnets.
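As an added illustration of the anomaly-based direction the statement points at (not code from the original problem statement), the following Python sketch scores hosts from flow metadata only, so it still applies when the C&C payload is encrypted. It looks for two traits that P2P-style bot traffic tends to show and that signatures cannot see: fan-out to many distinct peers on non-standard ports, and near-constant connection intervals (beaconing). The flow records, IP addresses, port numbers and thresholds are all constructed for the example and would need tuning against a real network baseline.

```python
"""Payload-agnostic flow features for spotting P2P/beaconing bot behaviour.

Added example: the sample flows below are invented, not captured traffic, and
the thresholds are assumptions chosen to make the example readable.
"""
from collections import defaultdict
from statistics import mean, pstdev


def build_sample_flows():
    """Constructed flow records: (timestamp_s, src_ip, dst_ip, dst_port, bytes)."""
    flows = []
    # Benign workstation: a few web servers, irregular timing, standard ports.
    benign = [(0, "203.0.113.10", 443, 5400), (7, "203.0.113.20", 443, 18200),
              (30, "203.0.113.10", 443, 900), (31, "203.0.113.30", 80, 2300),
              (95, "203.0.113.20", 443, 41000), (140, "203.0.113.10", 443, 700),
              (141, "203.0.113.30", 80, 3100), (230, "203.0.113.20", 443, 12800)]
    for t, dst, port, size in benign:
        flows.append((t, "10.0.0.5", dst, port, size))
    # P2P-style bot: a new peer every 60 s, high ports, small fixed-size messages.
    for i in range(12):
        flows.append((i * 60, "10.0.0.9", f"198.51.100.{i + 1}", 21000 + i * 37, 120))
    # Host with too little traffic to judge beaconing at all.
    flows.append((5, "10.0.0.7", "203.0.113.10", 443, 800))
    flows.append((9, "10.0.0.7", "203.0.113.40", 443, 650))
    return sorted(flows)


def host_features(flows):
    """Per-source features that need no payload inspection, so they survive encryption."""
    by_src = defaultdict(list)
    for ts, src, dst, dport, size in flows:
        by_src[src].append((ts, dst, dport, size))
    feats = {}
    for src, recs in by_src.items():
        recs.sort()
        peers = {dst for _, dst, _, _ in recs}
        high_port_ratio = sum(1 for _, _, p, _ in recs if p >= 1024) / len(recs)
        times = [ts for ts, *_ in recs]
        gaps = [b - a for a, b in zip(times, times[1:])]
        # Coefficient of variation of inter-connection gaps: ~0 means clockwork beaconing.
        beacon_cv = None
        if len(gaps) >= 2 and mean(gaps) > 0:
            beacon_cv = pstdev(gaps) / mean(gaps)
        feats[src] = {"flows": len(recs), "distinct_peers": len(peers),
                      "high_port_ratio": high_port_ratio, "beacon_cv": beacon_cv}
    return feats


def flag_hosts(flows, min_peers=8, min_high_port_ratio=0.8,
               max_beacon_cv=0.2, min_flows_for_beacon=5):
    """Return {src_ip: [reasons]} for hosts whose flow pattern looks bot-like.

    Thresholds are example assumptions; in practice derive them from a baseline
    of the monitored network and treat hits as leads for an analyst, not verdicts.
    """
    flagged = {}
    for src, f in host_features(flows).items():
        reasons = []
        if f["distinct_peers"] >= min_peers and f["high_port_ratio"] >= min_high_port_ratio:
            reasons.append("many distinct peers on non-standard ports (P2P-overlay-like fan-out)")
        if (f["beacon_cv"] is not None and f["flows"] >= min_flows_for_beacon
                and f["beacon_cv"] <= max_beacon_cv):
            reasons.append("near-constant connection interval (beaconing)")
        if reasons:
            flagged[src] = reasons
    return flagged


if __name__ == "__main__":
    for src, why in flag_hosts(build_sample_flows()).items():
        print(src, "->", "; ".join(why))
```

Run as a script it reports only 10.0.0.9, for both reasons; the benign host has few peers on standard ports with irregular timing, and 10.0.0.7 has too few flows for the beaconing feature to be computed at all, which is why `beacon_cv` is left as `None` rather than guessed. Feeding the same two functions a stream of NetFlow or Zeek `conn` records in the same tuple shape is the natural next step toward the real-time setting the statement asks for.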
Notes: Simulate sample data by implementing publicly available botnets or by using publicly available bot traffic data. The solution should work on Windows/Linux platforms.
Sample Data Required: No