A generic framework for tracking of peer-to-peer botnets

Today, botnets have become an ever-present threat for users of the Internet. Malicious activities committed using botnets can include, among others, sending of Spam mails, stealing of data and passwords, as well as Distributed Denial of Service (DDoS) attacks. In order to be able to effectively counter the threat posed by a botnet, the threat has to be assessed first. Key elements, which allow to prioritize and to target efforts, are the number of bots which are part of the botnet as well as their geographic distribution. Development of tracking software can be a time consuming task, especially if individual trackers have to be developed for each particular botnet to be tracked. In order to be able to react faster on the appearance of new botnets, in this paper, we present a generic framework for developing trackers for peer-to-peer based botnets, which simplifies and speeds up the development process.