Detecting BOT Victim in Client Networks

Authors (2): Abinaya. E, Balamurugan. K

In this paper we discuss our research on detecting bot victims in client networks. Botnets are collections of Internet hosts ("bots") that, through malware infection, have fallen under the control of a single entity (the "botmaster"). Botnets perform network scanning for different reasons: propagation, enumeration, and penetration. One common type of scanning, called "horizontal scanning," systematically probes the same protocol port across a given range of IP addresses, sometimes selecting random IP addresses as targets. To infect new hosts in order to recruit them as bots, some botnets, e.g., Conficker, perform a horizontal scan continuously using self-propagating worm code that exploits a known system vulnerability. In this project, we focus on a different type of botnet scan: one performed under the explicit command and control of the botmaster, occurring over a well-delimited interval.
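As an added illustration (not code or a method from the paper), the horizontal-scan pattern described in the abstract can be flagged in flow logs by counting distinct destination addresses per source and port inside a sliding time window. The record layout, the 60-second window, the 20-target threshold and the sample flows are assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed flow records: (epoch_seconds, src_ip, dst_ip, dst_port).
# Documentation address ranges only; this is not data from the paper.
FLOWS = (
    # one source, one port, 40 different targets in 40 seconds
    [(1000 + i, "10.0.0.5", f"198.51.100.{i}", 445) for i in range(1, 41)]
    # busy but benign: many flows to a single server
    + [(1000 + 30 * i, "10.0.0.7", "203.0.113.10", 443) for i in range(40)]
    # 40 targets, but spread over several hours
    + [(1000 + 600 * i, "10.0.0.9", f"192.0.2.{i}", 22) for i in range(1, 41)]
)

def horizontal_scanners(flows, window=60, min_targets=20):
    """Map (src, port) -> (start, end, n_targets) for the densest window in
    which src reached at least min_targets distinct addresses on one port."""
    by_key = defaultdict(list)
    for ts, src, dst, port in flows:
        by_key[(src, port)].append((ts, dst))

    hits = {}
    for key, events in by_key.items():
        events.sort()
        in_window = defaultdict(int)   # dst -> flows currently inside window
        left, best = 0, None
        for ts, dst in events:
            in_window[dst] += 1
            # Drop flows older than `window` seconds from the left edge.
            while events[left][0] < ts - window:
                old = events[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                left += 1
            n = len(in_window)
            if n >= min_targets and (best is None or n > best[2]):
                best = (events[left][0], ts, n)   # delimits the scan burst
        if best:
            hits[key] = best
    return hits

if __name__ == "__main__":
    for (src, port), (start, end, n) in horizontal_scanners(FLOWS).items():
        print(f"{src} scanned port {port}: {n} targets between t={start} and t={end}")
```

The returned start and end times bound the burst, which is what separates a scan over a well-delimited interval from continuous worm-style scanning.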

Authors and Affiliations

Abinaya. E
Department of Information Technology, St Peter Engineering College, Avadi, Tamil Nadu, India
Balamurugan. K

Keywords

Horizontal Scanning, Botmaster, Bots, P2P, IRC, BotGraph, DPI, Clustering

Publication Details

Published in : Volume 1 | Issue 1 | July-August 2016
Date of Publication : 2016-08-30
License : This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 14-18
Manuscript Number : CSEIT16113
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

Abinaya. E, Balamurugan. K, "Detecting BOT Victim in Client Networks", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 1, Issue 1, pp.14-18, July-August.2016
URL : http://ijsrcseit.com/CSEIT16113
