Conducting research on botnets is oftentimes limited to the analysis of active botnets. This prevents researchers from testing detection and tracking mechanisms potential future threats. Specifically, in domain P2P botnets, protocol specifics, network churn anti-tracking greatly impact success or failure monitoring operations. Moreover, experiments real world commonly lack ground truth verify findings. As developing deploying sufficient size accompanied by large costs administration efforts, this paper attempts address issue introducing a simulation framework for called Botnet Simulation Framework (BSF). BSF can simulate operations more than 20.000 bots evaluate takedown efforts. Moreover, communication traces be exported inject traffic into arbitrary PCAP files training evaluation intrusion systems.

Load

Load