Abstract

Botnets have become increasingly common and progressively dangerous to both business and domestic networks. Due to the Covid-19 pandemic, a large portion of the population has been performing corporate activities from their homes. This leads to speculation that most computer users and employees working remotely do not have proper defences against botnets, resulting in botnet infection propagating to other devices connected to the target network. Consequently, botnet infection occurred not only within the target user’s machine but also in neighbouring devices. The focus of this paper is to review and investigate the current state of the art and research works on both methods of infection, such as how a botnet could penetrate a system or network directly or indirectly, and standard detection strategies that have been used in the past. Furthermore, we investigate the capabilities of Artificial Intelligence (AI) to create innovative approaches for botnet detection that enable predictions as to whether botnets are present within a network. The paper also discusses methods that threat actors may use to infect target devices with botnet code. Machine learning algorithms are examined to determine how they may be used to assist AI-based detection and what advantages and disadvantages they have, in order to compare the most suitable algorithms businesses could use. Finally, current botnet prevention and countermeasures are discussed to determine how botnets can be kept out of corporate and domestic networks and how future attacks can be prevented.

Highlights

  • Botnets are tools used to deliver malware across networks

  • Flooding is a technique widely used within larger-scale Local Area Networks (LANs), which coincides with companies that have more hardware, making Hypertext Transfer Protocol (HTTP) flooding approaches more suitable for bot-masters to use

  • It is important for an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) to be implemented in case a botnet is able to penetrate the firewalls

Summary

Introduction

Botnets are tools used to deliver malware across networks. This makes them major threats to corporate networks, which may always need data, applications and services available. Botnets are the primary cause of Denial-of-Service (DoS) attacks. They can prevent employees from accessing (sensitive and confidential) information stored within the networks. The malware used brute-force password cracking to access IoT devices. Kraken, another botnet attack that occurred in 2008, infected over 400,000 personal computers (PCs) and was predominantly used for spamming other network users to gain system access or cause system damage [2]. AI can be used by attackers to launch more sophisticated botnet attacks. This highlights the importance of considering AI as a key enabler for designing and developing more efficient botnet detection and prevention tools and strategies compared to the old methods. AI-based methods are necessary for IoT networks. Their in-built security may not be updated and able to counter botnet threats, since threat actors can create botnet code variations to bypass certain firewalls, allowing them unauthorised access to hosts.

Definition of Botnets
Infection Methods
Detection Methods
Detection Types
Machine Learning Based Detection
Fuzzy Logic Based Detection
Phishing Detection
Packer Detection
Prevention and Mitigation Strategies
Machine Learning Algorithms Comparisons
Conclusions