Botnet Detection and Response Architecture for Offering Secure Internet Services
Using thousands of infected internet computers to launch distributed denial of service attack against companies and governments internet resources by attackers is becoming dangerously common trend. Recently, there is a growing trend towards attackers, using IRC (Internet Relay Chat) protocol-based botnet for control and command infected internet computers. The botnet consists of the infected computers, and the infected computers are called bots. So in this paper, we try to propose a novel method for botnet based on IRC analysis and detection to protect our computers. Our proposal tries to use a new IRC server to instead of the original malicious C&C (control and command) server. The IRC server can find out which computer infected with botnet viruses and monopolize the connection between hackers. So that it can make a warning to users, protect the communication between computers and network safely and help the computers to remove the viruses.