A review of various mechanisms for botnets detection

Abstract

In recent years, the threat of botnets has increased exponentially. Escaping the barriers formed by firewall security, these bots attack a large number of hosts and infiltrate with the malicious content. To evade the botnets an efficient tracking is performed. In this paper, we have discussed the various attacking protocols adapted by botnets. It also includes the different ways in which the bots can be detected and stopped from harming the computer. The tracking is done by classifying the IP addresses in separate lists according to their respective features. The particular content embedded in images and spam e-mails are mentioned. The botmaster uses Command and Control server (C&C) to monitor the bots. The several ways preferred for the interaction include Internet Relay Chat (IRC), HyperText Transfer Protocol (HTTP) and Peer to Peer (P2P). Observing the threats and problems caused to a common person, important steps are being taken for consideration. Recently, Google has taken a step and removed 300 apps from play store which were designed to perform DDoS attacks on android devices. The detection of botnets helps us by taking the necessary steps and making us alert before any malicious activity takes place. The attackers have also occupied several social networking platforms with the network of bots that are further being implemented in our day to day lives to manipulate and influence the users. The platforms are henceforth misused to spread a message by posting it socially time and again with the unreal profile of bots [1].