Project ID: 438
Author: Mohammed Shahid Sultan
Project Title: Monitoring HTTP based Command and Control Botnets in Network Traffic using Bot-Sniffer
Semester: 2 2015
Committee Chair: Dr. Mario Garcia
Committee Member 1: Dr. Dulal Kar
Project Description: Botnets make use of command and control (C&C) channels, and they use different protocols, such as IRC and HTTP, to initiate attacks. The command and control channel makes botnet attacks challenging to detect and prevent. In this project, a bot-sniffer monitor is developed that detects botnets by detecting the HTTP POST request method and by tracing the hidden fields in HTML forms. A malicious website is developed that scans and captures details of the victim’s computer, such as its IP address, the identity of the operating system it is running, the operating system version, and the machine’s architecture. The website is capable of initiating spam attacks. The technique needs no prior knowledge of bots or command and control servers, and it can detect bots that are based on the HTTP protocol. In the future, a bot-sniffer monitor could be used as a browser plugin, where it could help detect all malicious web-based bots. An alternative implementation could be to add a bot-sniffer to a router. By implementing a bot-sniffer monitor, botnet attacks can be detected and preventive measures can be taken against them.
Project URL: 438.pdf