Botnets, like long invisible tentacles, stretch throughout the Internet. Computers manipulated by criminal puppet masters connect together around the world through the web, forming giant networks - without the rightful owners of the machines having any idea. This network of infected computers is controlled remotely by botmasters and is used and abused in all manner of Machiavellian machinations. In fact, botnets are now among the biggest sources of illegal funds for cyber criminals. If serious estimates are to be believed, hundreds of millions of computers worldwide are already affected. The biggest network to be exposed to date comprised more than 30 million computers. Botnet infections pose an especially serious problem for businesses. For example, attackers employ standardized procedures to harvest user data and critical business information from affected systems or deploy bots for DDoS attacks.
However, Ostfalia Univerity of Applied Sciences in Wolfenbüttel has an answer and wants to give companies an efficient tool for identifying botnet infections in their company computers. Bot-Watch is being unveiled to the public at CeBIT 2017 in Hannover as a project that features metrics which can be used to evaluate resources in the company based on DNS data. Machine learning techniques can then be applied to calculate indicators of the risk of botnet infections.