Association Rule Based Data Mining Approach to HTTP Botnet Detection
Botnets are the most dangerous and widespread of all threats in today's cyber world. A botnet is a group of compromised computers connected via the internet, mostly vulnerable hosts, that are remotely accessed and controlled by a botmaster to deliver various network threats and malicious activities, including spamming, click fraud, ID theft, backdoor entry, spoofing and phishing. Among the challenging characteristics of a botnet, the Command and Control centre is the most basic one: it is the channel through which the botnet is updated and commanded. Recently, malicious botnets have evolved from typical IRC botnets into HTTP botnets. Data mining algorithms make it possible to automate the detection of characteristics from large amounts of data, a task to which conventional heuristic and signature-based methods could not be applied.