Volume 2 Number 6 (Dec. 2010)
Home > Archive > 2010 > Volume 2 Number 6 (Dec. 2010) >
IJCEE 2010 Vol.2 (6): 1029-1038 ISSN: 1793-8163
DOI: 10.7763/IJCEE.2010.V2.271

New Approach for Detection of IRC and P2P Botnets

Hossein Rouhani Zeidanloo, Farhoud Hosseinpour, and Farhood Farid Etemad

Abstract—Botnet is most widespread and occurs commonly in today‘s cyber attacks, resulting in serious threats to our network assets and organization’s properties. Botnets are collections of compromised computers (Bots) which are remotely controlled by its originator (BotMaster) under a common Commond-and-Control (C&C) infrastructure. In this paper, we proposed a new general detection framework which currently focuses on P2P based and IRC based Botnets. Since Artificial Immune System (AIS) is a new bio-inspired model which is applied for solving various problems in the field of information security, we used this concept in our proposed framework to make it more efficient. Our framework in P2P part is based on definition of Botnets. Botnet has been defined as a group of bots that perform similar communication and malicious activity patterns within the same Botnet. We utilized AIS to effectively detect malicious activities in P2P part. Our framework in IRC part is based on calculating Delay Time (Td) which is a time frame between sending IRC NICK command and IRC JOIN command. The point that distinguishes our proposed detection framework from many other similar works is that there is no need for prior knowledge of Botnets such as Botnet signature.

Index Terms—AIS; Botnet; Bot; IRC; P2P

Hossein Rouhani Zeidanloo, Farhoud Hosseinpour and Farhood Farid Etemad, Faculty of Computer Science and Information System, University of Technology Malaysia(UTM), Kuala Lumpur, Malaysia. (Email:H_Rouhani@hotmail.com, F.Hosseinpour@gmail.com,Fa.Faridetemad@gmail.com .

Cite: Hossein Rouhani Zeidanloo, Farhoud Hosseinpour and Farhood Farid Etemad, "New Approach for Detection of IRC and P2P Botnets," International Journal of Computer and Electrical Engineering vol. 2, no. 6, pp. 1029-1038, 2010.

General Information

ISSN: 1793-8163 (Print)
Abbreviated Title: Int. J. Comput. Electr. Eng.
Frequency: Quarterly
Editor-in-Chief: Prof. Yucong Duan
Abstracting/ Indexing: EI (INSPEC, IET), Ulrich's Periodicals Directory, Google Scholar, EBSCO, ProQuest, and Electronic Journals Library
E-mail: ijcee@iap.org

What's New

  • Jun 03, 2019 News!

    IJCEE Vol. 9, No. 2 - Vol. 10, No. 2 have been indexed by EI (Inspec) Inspec, created by the Institution of Engineering and Tech.!   [Click]

  • Oct 11, 2019 News!

    IJCEE Vol 11, No 4 is available online now   [Click]

  • Oct 11, 2019 News!

    The dois of published papers in Vol 11, No 1- Vol 11, No 3 have been validated by Crossref

  • Aug 20, 2019 News!

    IJCEE Vol 11, No 3 is available online now   [Click]

  • Jun 03, 2019 News!

    IJCEE Vol. 11, No. 2 is available online now.   [Click]

  • Read more>>