{"title":"Detecting Botnets in Computer Networks Using Multi-agent Technology","authors":"M. Szymczyk","doi":"10.1109/DepCoS-RELCOMEX.2009.46","DOIUrl":null,"url":null,"abstract":"The paper presents a hybrid model of the bots detector which is a combination of host intrusion detection system and the operating system event log analyzer. Bot can be defined as a computer that have been attacked by a hacker or infected with malicious software and is used for illegal activities. Collections of infected computers form a botnet. The proposed system is used to detect bots based on the evaluation of events occurring in the operating system and network environment. Detection algorithms based on the signatures derived from the analysis of the various types of malicious software that creates bots. The model has been implemented using multi-agent technology.","PeriodicalId":185730,"journal":{"name":"2009 Fourth International Conference on Dependability of Computer Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Fourth International Conference on Dependability of Computer Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DepCoS-RELCOMEX.2009.46","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 26
Abstract
The paper presents a hybrid model of a bot detector that combines a host intrusion detection system with an operating system event log analyzer. A bot can be defined as a computer that has been attacked by a hacker or infected with malicious software and is used for illegal activities. Collections of infected computers form a botnet. The proposed system detects bots by evaluating events occurring in the operating system and the network environment. The detection algorithms are based on signatures derived from the analysis of the various types of malicious software that create bots. The model has been implemented using multi-agent technology.