Research Article
Hybrid Botnet Detection Based on Host and Network Analysis
Table 5
Monitored network failure types.
| Protocol | Description of the failure | Packet sent | Packet received |
| TCP | TCP SYN | TCP reset | TCP SYN | ICMP unreachable | TCP SYN | No packet received for 120 seconds |
| UDP | UDP | ICMP unreachable | UDP | No packet received for 120 seconds |
| DNS | DNS query | A DNS server error code to the queried domain |
|
|