Botnet Detection And Prevention System

Currently,There are a lot Botnet, According to National Computer network Emergency Response technical Team Center of china ((Referred to as"CNCERT") data, As of October 2011, Chinese netizens had reached 457million Which suffer from viruses and Trojan attacks compared to 45.8% of Internet users. the Internet users who had been stolen Accounts or passwords through accounted for 21.8%. Botnets not only brought huge losses to our country, government, business, people, but also brought serious threat to the safety of China's Internet users. How to effectively monitor and control the botnets becomes the Internet industry's most pressing issues currently.Currently, some Government agencies and research institutions already have been doing botnets'researches, But they could only effectively monitor small flow, small-scale data, could not effectively monitor the dozens of G large flow internet data, In particular, in recent years, the information on the Internet grow in explosive rate of index levels speed, Internet applications are endless . Therefore, The information collection and record-based detection of botnets Is not enough, Need for a more advanced detection technology ,which could achieve the efficient and accurate identification and rapid intervention on the data of Internet backbone exportThe internet Protocol intelligent Analysis System which we are studying is the Core section of botnet detection and prevention system , it plays an important role in the whole system . It is installed in the network aggregation layer, and it is Professional intelligence analysis software and built-in detection system which could Capture and record every bit of link data . and it can also achieve Real-time analysis of large amounts of data and testing. through the capture files from the network protocol analysis and data reduction, it can realize the network monitoring and retrieval of information content and find that abnormal changes in the data network, which can detect ongoing zombie Trojan and network attacks. And it can block network forensics and technology functionsThe system mainly achieve collection, reproduction, distribution, filtering, detection and tracking function for 20GE-level network traffic , Front-end network data provide the test protocol analyzer to restore part of the restructuring of the seamless connection, back-end achieve Analysis and processing...