Defence against Botnets: A Formal Definition and a General Framework

Botnets have contributed to the significant part of the increasing malicious activities such as Distributed Denial of Service (DDoS), spam, and click fraud. Based on the analysis on the basic and essential characters of botnet, this paper deals with the botnet in two aspects: formal definition and general framework, covering various types of botnets overall. Through the formal definition and the general framework, the essential components of the botnet (i.e. botmaster, Command and Control mechanism, and bots) are described in detail and the features of the vital Command and Control (C&C) mechanism are augmented. The formal definition for botnet, to the best of our knowledge, is first proposed and the general framework, analyzed in some case studies, is not only helpful to interpret the existing botnets in the real world, but also beneficial to the implement of the potential botnets in the future.