Botnets have proven to be consistent nuisance on the Internet. They are the cause for many security concerns and issues that plague the Internet currently. Mitigating these issues is an important task and more research is needed in order to win the battle against constantly evolving botnets.
In this thesis, botnets are reviewed thoroughly, starting from what botnets are and how do they manage to stay operational and then moving on to explore some of the more promising methods that can be used to detect botnet activity. A more detailed look is performed on DNS-based botnet detection methods as these methods show great promise and are very capable of detecting many different types of botnets. Finally, a
review on the DNS-based botnet detection methods is compiled. Some of the best features of botnet detection are gathered to form an overall picture of what are the characteristics of a good detection method.
As botnets evolve over time, botnet detection methods need to keep up with the progress. Gathering characteristics of a good detection method will help to suggest future directions on how to improve and develop new botnet detection methods.
ACM Computing Classification System (CCS):
A.1 [Introductory and Survey],
C.2.0 [Computer Communication Networks]
