Tracking Botnet Based On Honeypot

With the rapid development of network technology, the network has penetrated into thevarious aspects of social life, people’s lives have become increasingly dependent on thenetwork, but the attendant issue of network security has become increasingly serious. A widevariety of events about the network security happen every day such as malware beingdownloaded, sensitive information being stolen and DDOS attacks, that has causedtremendous loss to society and individuals. All of these hazards, the greatest harm is causedby malware, which are also the most common, and lots of security incidents are caused bymalware. The botnet is the most common way used by hacker to attack recently, making useof a lot of compromised hosts to form a powerful network, to start a attack by remote control,For example, launching distributed denial of service (DDoS) attack and sending spam orphishing mail, etc., bringing an extremely serious threat to network. Honeypot technologyallows us to learn more about these threats, such as capture malware and tracking botnets,then protect our network security. Honeypot technology is a powerful technology of networksecurity, following the anti-virus software, firewall, intrusion detection system. It can findWeb-based malicious attacks effectively, especially to against attack for unknown exploits, ithas incomparable advantage compare to other network security technologies, it’s a hotresearch of network security technology and application.This article proposed one kind new construction based on the honeypot technologytracing botnet, solved the questions of capture and analysis malware and the botnet tracing byusing the honeypot technology and the technique of capture and analysis malware, as well asthe technology of tracing botnet, and designed and realized the system, this system includesthree functions: the malicious website recognition, capture and analysis malware, discoverand trace botnet, fully integrated with the advantages of server-side honeypots and client-sidehoneypots, can capture malware in the net more efficiently. Finally set up the system to test inthe laboratory, the test results show that the system can collect malware in the network verywell, then automatic analysis them, and ultimately discover and track botnets.