The Activity Analysis of Malicious HTTP-Based Botnets Using Degree of Periodic Repeatability

Abstract

The malicious botnets are evaluated as the serious threat of the Internet society in future. As the botnets are more clever and artful, the detection of botnets is not easy. Recently malicious botnets evolve into HTTP botnets out of typical IRC botnets and it is difficult to response effectively with existing methods which are using DNS traffic. In this paper, we show the relations of HTTP clients to HTTP servers, and propose the method to search malicious HTTP botnets by using degree of periodic repeatability.