Advances in Computer Science : an International Journal (ACSIJ)
Among the various forms of malware, botnets are becoming major threats on the Internet, used for many attacks such as spam, Distributed Denial-of-Service (DDoS), identity theft and phishing. NetFlow is a standard protocol for monitoring Internet traffic that was developed by Cisco Systems. It is therefore very effective for identifying unusual programs that generate illegal traffic or additional load, and for identifying botnets. This paper presents a novel approach to botnet detection using NetFlow data records and a clustering technique.