A Signature-Based Botnet (Emotet) Detection Mechanism

ABSTRACT

The Internet has become an essential part of life, especially after the COVID-19 pandemic. The increasing use of technology brings new challenges. Cyber security has emerged as a major threat during the pandemic. Distributed Denial of Service Attack (DDoS) attacks have become more refined than other cyber-attacks during the pandemic. The most important question comes into mind What is the source of the DDoS attack? The answer is botnet which provides the platform for the attacker. A botnet has targeted the escalation of vulnerable systems. Therefore, real-life and accurate botnet detection and prevention techniques must be effectively designed. Due to this organized dataset, IoCs are required for a most dangerous botnet to prevent networks at an early stage. Various malware datasets have been published for the research work, but most are outdated. The author has proposed a new dataset of windows based botnets using different analysis techniques. This work provides the geolocation of the live malicious connection made by emotet. They have also presented the mechanism which calculates the IP reputation and detects botnet based on IoCs using snort Intrusion Detection. © 2022 Seventh Sense Research Group®