Science and Development Network (SciDev.Net)
Botnets are collections of compromised computers (bots) that are remotely controlled by their originator through a common Command-and-Control (C&C) infrastructure. In this paper, the authors proposed a new general detection strategy. The proposed strategy was based on the degree distributions of nodes and on abnormal net flows, combined with data mining technology. In this scheme, they introduced the dialog flow to draw a traffic profile of each node. They set up degree distributions for nodes and for groups and used the node degree distributions as input for data mining, where they were classified and distinguished to obtain reliable results with acceptable accuracy.