Data mining in the problem of detecting botnets

Максим Юрьевич КОСЕНКО

Abstract

This paper presents “NET.BOTNET”, a multi-agent system for detecting botnets based on data mining. The system addresses the problem of detecting botnets in a global network and is designed to detect the group behavior of bots. Using cluster analysis of network traffic, it makes it possible to detect botnets regardless of their protocol or organizational structure. The paper describes the architecture of the multi-agent system, which uses agent-oriented techniques for representing models and object-oriented and agent-based methodology for designing and developing software systems. It also discusses a method of detecting botnet traffic based on data mining.

Article Details

Section
COMPUTER SECURITY