International Journal of Network Security
Bots are malicious software components used for generating Spams, launching denial of service attacks, phishing, identity theft and information exhfiltration and such other illegal activities. Bot detection is an area of active research in recent times. Here, the authors propose a bot detection mechanism for a single host. A user traffic profile is used to filter out normal traffic generated by the host. The remaining suspicious traffic is subject to detailed analysis. The nature of detailed analysis is derived from a characterization of bot traffic. The detection system is tested using two real world bots.