Research Article
Hybrid Botnet Detection Based on Host and Network Analysis
Table 5
Monitored network failure types.
| | Protocol | Description of the failure | | Packet sent | Packet received |
| | TCP | TCP SYN | TCP reset | | TCP SYN | ICMP unreachable | | TCP SYN | No packet received for 120 seconds |
| | UDP | UDP | ICMP unreachable | | UDP | No packet received for 120 seconds |
| | DNS | DNS query | A DNS server error code to the queried domain |
|
|
