A Generic Process Model for Botnet Forensic Analysis

Botnets are becoming more hazardous in cyber crime when compared to other malicious activities. Security against botnets is a major concern. Botnet forensics is young science which can answer questions about how, what and where of damage done by bots. The forensic system deals with capturing, recording, and analysis of botnet traffic. This paper outlines the process of Botnet forensic analysis and its implementation. A generic process for botnet forensics is proposed based on previous digital forensics models. The specific research gaps existing in implementation are identified and presented as challenges. The contribution of this work is that it presents an overview on botnet forensics analysis and implementation which will be more valuable for security.