Abstract
The abundance in the usage of Internet, in every arena of life from social to personal, commercial to domestic and other aspects of life as well, leads the rise in cybercrime at an upsetting speed. More illegal activities as a result of cyber crime, reason to tempts many network attacks and threats. Network forensics is the branch of fornesics that deals in the detection of network attacks. Botnet is one of the most common attacks, but hazardos. It  is a network of hacked computers It  involves the capturing, storing and then analysis of the network packets, in order to identify the source of the attack.  Various methods based on this approach for botnet detection are suggested in literature but there is no generalized method to represent the basic methodology used by any of the botnet detection method. With such guidelines, the comparison among the various implementations, a roadmap for the new implementation, development of reusable implementations can be addressed. Accordingly, there is a requirement of a generic framework that can characterize the general methodology followed by any of the botnet detection methods. This paper, review various prevalent methods of botnet detection to extract commonalities among them. A global model for the detection of botnets is represented as ontology. Ontology is used as a means of knowledge representation. The botnet ontology is represented using Web Ontology Language (OWL). OWL is used because it is a language with layered architecture and high expressive power.Â
Highlights
Cyber crime is an alarming problem these days
Many methods of botnet detection are available in literature that are broadly classified into two categories Honeynet based [2] and Passive network traffic monitoring based [3]
The generic framework of botnet detection is lacking in the literature, which motivates the present study to implement a generalized model for botnet detection
Summary
Cyber crime is an alarming problem these days. In past few years many researchers have done research on network forensics to lessen the cyber crime. Many methods of botnet detection are available in literature that are broadly classified into two categories Honeynet based [2] and Passive network traffic monitoring based [3]. The focus is around the implementation of general model for botnet detection method because many botnet detection methods are available in literature but there is no such generalized approach. The generic framework of botnet detection is lacking in the literature, which motivates the present study to implement a generalized model for botnet detection. It is represented as ontology because ontology is the best means of knowledge representation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have