Cyber threats based on botnet and its detection mechanisms

Abstract

Modern network system facing challenges in securing network infrastructure. Cybercrime has been becoming challenge to the security filed cause of increasing growth of internet usage. One of the most significant threats faced by the network connected system is Botnet. The Botnet is an evolving threat to the cybersecurity, and with the existence of command and control server (C&C server). It makes most malware attack compared to all other attacks. The bots in a network which causes a malicious act is known as the Botnet attack. The main aim of the Bot attack will vary from key-logging attack in a network to severe attack like Distributed Denial of Service (DDoS). An attacker called Bot-master controls this Botnet. This paper discusses different types of architecture in botnets such Centralized botnets with HTTP and IRC protocols, Decentralized botnets with P2P and Hybrid architecture. Meanwhile it discusses various threats and different detection mechanisms based on Signature, Anomaly, DNS, Data mining and Machine learning detection methods which used to detect bots in a network system. However many pieces of research have been done on a botnet to detect and control the botnet activities, but still, it's a challenging topic in cyber security. Botnets are now in raising the edge of attack by an attacker, thus researches on detecting the botnets with higher accuracy, especially on bot cloud, mobile Botnet is timely required.