Network Forensics Investigation for Botnet Attack

Nowadays the internet users manipulated by several web applications which instruct them to download and install programs in order to interfere the computer system stabilities or other aims. Most users didn't realize that the applications might have been added with some malicious software such as Worms, and Trojan horse. After the malware infected the victim's computer, they made the machine to conduct for to the master's purposes. This process known as botnet. Botnet is categorized as difficult detected malware even with up-to-date antivirus software and causing lot of problems. Network security researcher has developed various methods to detect Botnet invasion. One of the method is forensics method. Network forensics is a branch of Digital forensics which the main task is to analyze the problem (e.g. Botnet's attack) by identify, classify the networks traffic and also recognize the attacker's behavior in the network. The output of this system will produce the pattern recognition of Botnet's attack and payload identification according to Network Forensics Analysis.