Key Words: Botnet attacks; DoS attacks; intrusion detection system; genetic algorithms.
Abstract. Botnet attacks are among the most common attacks against information security. Recognizing such attacks requires the development of effective security systems. Intrusion detection systems collect information from different sources in computer systems and networks. In most systems, this information is compared against predefined patterns of abuse to identify attacks and vulnerabilities. Many of the existing host-based systems for botnet detection use techniques based on anomalies or rules. This paper presents some aspects of the implementation of a host-based botnet attack detection system. The system uses an anomaly detection technique based on a genetic algorithm.