Trends and Challenges of Botnet Architectures and Detection Techniques

Main Article Content

Ritthichai Limarunothai
Mohd Amin Munlin


- Botnets are a notable malware which are a major threat to Internet security as their performing behaviors are widely distributed and based on networking. Since the internet is growing very fast, their increase the risk of botnet spreading rapidly. Many organizations are victims of botnet attacks and can result in significant loss of economy and service. Nowadays, new botnets are more complexity and resilient to evade from detection systems. To understand and up-to-date about botnets, this paper aims to provide an overview of botnets that includes life-cycle, threats and architecture. We classify botnet detection approaches and compare each technique to be aware of their strengths and weaknesses. This paper also discusses the current challenges that includes future trend of botnets.


Download data is not yet available.

Article Details

How to Cite
R. Limarunothai and M. Amin Munlin, “Trends and Challenges of Botnet Architectures and Detection Techniques”, JIST, vol. 5, no. 1, pp. 51-57, Jun. 2015.
Research Article: Soft Computing (Detail in Scope of Journal)


1. E. Pilli, P. Sharma, S. Tiwari, A Bijalwan, “ Botnet Detection Framework,” International Journal of Computer Applications, Vol. 93, May 2014.

2. M. A. Rajab, J. Zarfoss, F. Monrose, A. Terzis, “A multifaceted approach to understanding the botnet phenomenon,” Internet Measurement Conference, pp. 41–52, 2006

3. M. Yang, G. Ren, J. Zhang,“ Talk about botnets,” The community communications conference, pp. 629-633, 2006.

4. R. S. Abdullah , M. F. Abdollah, Z. A. Muhamad Noh, M. Z. Mas'ud, S. R. Selamat,R. Yusof, “Revealing the Criterion on Botnet Detection Technique,” IJCSI International Journal of Computer Science, Vol. 10, pp. 208-215, March 2013.

5. D. Plohmann, E. Gerhards-Padilla, F. Leder, “Botnets: Detection, Measurement, Disinfection & Defence,” European Network and Information Security Agency (ENISA), 2011.

6. C. Kalt, “Internet Relay Chat: Client Protocol,” Request for Comments (RFC) 2812 (Informational), April 2000.

7. S. S.C. Silva, R. M.P. Silva, R. C.G. Pinto, “Botnets: A survey,” Computer Networks, Vol 57, pp 378-403, Febuary 2013.

8. C. Li, W. Jiang, X. Zou, “Botnet: Survey and Case Study,” IEEE International Conference on Innovative Computing, Information and Control, pp. 1184-1187, December 2009.

9. R. A. RODR´IGUEZ-GO´ MEZ, G. MACIA´-FERNA´NDEZ, P. GARC´IA-TEODORO, “Survey and Taxonomy of Botnet Research through Life-Cycle,” ACM Computing Surveys, Vol. 45, Aug 2013.

10.S. Taghavi Zargar, J. Joshi, D. Tipper, “A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks,” IEEE Communications SURVEYS & TUTORIALS, vol. 15, pp 2046-2069, November 2013.

11. H. Rouhani Zeidanloo,A. Abdul Manaf, "Botnet Command and Control Mechanisms,” IEEE International Conference on Computer and Electrical Engineering, pp. 564-568, December 2009.

12. M. Eslahi, “HTTP-Botnets: The Dark Side of a Standard Protocol!,” Cyber Defense Magazine, pp 12-18, April 2013.

13. T. T. Lu, H.Y. Liao, M .F. Chen, "An Advanced Hybrid P2p Botnet 2.0," World Academy of Science, Engineering and Technology, Vol. 5, September 2011.

14. P. Bacher, T. Holz, M. Kotter, and G. Wicherski, “Know your enemy: Tracking botnets,”, 2005.

15. M. Rajab, J. Zarfoss, F. Monrose, and A. Terzis, “A multifaceted approach to understanding the botnet phenomenon,” in Proc. 6th ACM

16. M. Feily, A. Shahrestani, S. Ramadass, “A Survey of Botnet and Botnet Detection,” IEEE International Conference on Emerging Security Information, Systems and Technologies (SECURWARE), pp. 268-273, June 2009.

17. Snort IDS web page., March 2006.

18. C. Chen, H. Lin, “Detecting botnet by anomalous traffic,” Journal of Information Security and Applications, pp. 1-10, July 2014.

19. S. Nagendra Prabhu, D. Shanthi, "A Survey on Anomaly Detection of Botnet in Network," International Journal of Advance Research in Computer Science and Management Studies, Vol. 2, pp. 552-558, January 2014.

20. H. Choi, H. Lee, H. Lee, H. Kim, “Botnet Detection by Monitoring Group Activities in DNS Traffic,” IEEE International Conference on Computer and Information Technology, pp. 715-720, October 2007.

21. R.Villamarin-Salomon, J.C. Brustoloni, “Identifying Botnets Using Anomaly Detection Techniques Applied to DNS Traffic,” IEEE Consumer Communications and Networking Conference, pp. 476-481, 2008.

22. A. M. Manasrah, A. Hasan ,”Detecting Botnet Activities Based on Abnormal DNS traffic,” (IJCSIS) International Journal of Computer Science and Information Security,Vol. 6, pp. 1184-1187, December 2009.

23. H. Choi, H. Lee, “Identifying botnets by capturing group activities in DNS traffic,” Computer Networks, Vol 56, pp. 20-33, January 2012.

24. Stevanovic, Matija, Pedersen, J. Myrup, “Machine learning for identifying botnet network traffic,” Aalborg University, 2013

25. K. Rieck, G. Schwenk, T. Limmer, T. Holz, P. Laskov, “Botzilla: detecting the ’’phoning home’’ of malicious software,” Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 1978–1984, March 2010

26. G. Gu, R. Perdisci, J. Zhang, and W. Lee, “Botminer: clustering analysis of network traffic for protocol and structure-independent botnet detection,” in USENIX Security Symposium (SS), San Jose, CA, pp. 139–154, July 2008.

27. H. Choi, H. Lee, “Identifying botnets by capturing group activities in DNS traffic,” in ScienceDirect, Computer Networks, Vol 56, pp.20–33, January 2012

28. M. Stevanovic, J. M. Pedersen, “An efficient flow-based botnet detection using supervised machine learning,” IEEE International Conference on Computing Network and Communications (ICNC), pp. 979-801, Feb 2014.

29. P. Hayati, “botCloud – an emerging platform for cyber-attacks,” the Cloud Security Research Group of the Stratsec Winter School, Sunday, October 2012.

30. M. Eslahi, R. Salleh, N. Badrul Anuar, "MoBots: A New Generation of Botnets on Mobile," International Symposium on Computer Applications and Industrial Electronics (ISCAIE 2012),pp. 262-266 December 2012.