purge0827 / bot-net-detection
This project is forked from kasangeri/bot-net-detection
A bot-net is a network of infected hosts (bots) that work independently under the control of a botmaster (bot herder), who issues commands to the bots using command and control (C&C) servers. Traditionally, bot-nets used a centralized client-server architecture, which had a single point of failure, but with the advent of peer-to-peer technology that problem seems to have been resolved. Taking advantage of the decentralized nature of the P2P architecture, botmasters started using P2P-based communication mechanisms. P2P bot-nets are highly resilient against detection, even after some bots are identified or taken down. P2P bot-nets provide central frameworks for different cyber-crimes, which include DDoS (Distributed Denial of Service), email spam, phishing, password sniffing, etc. So, the objective is to develop a tool for identifying P2P bot-nets using network traffic analysis. Also, the developers should detect the hosts involved in P2P traffic; the detected hosts are then further analyzed to detect bot-nets.