Abstract: In the dynamic landscape of evolving cyber threats, Security Operations Centers (SOCs) play an important role in protecting digital assets. Among these threats, botnets are particularly challenging due to their ability to take over many devices and launch coordinated attacks. Through comparative analysis, the research gaps in existing frameworks have been identified. Based on these insights, a botnet detection and incident response framework aligned with SOC practices has been proposed. This proposed framework emphasizes proactive measures by integrating threat intelligence, detection and monitoring tools to detect botnet attack and facilitate rapid response. Future research will focus on conducting evaluation and validation studies to assess the effectiveness and performance of the framework in controlled environments. This effort will contribute to develop the framework and ensuring it aligns with practical cybersecurity needs.

Roslaily Muhammad, Saiful Adli Ismail and Noor Hafizah Hassan, “Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework” International Journal of Advanced Computer Science and Applications(IJACSA), 15(3), 2024. http://dx.doi.org/10.14569/IJACSA.2024.0150389

@article{Muhammad2024,
title = {Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2024.0150389},
url = {http://dx.doi.org/10.14569/IJACSA.2024.0150389},
year = {2024},
publisher = {The Science and Information Organization},
volume = {15},
number = {3},
author = {Roslaily Muhammad and Saiful Adli Ismail and Noor Hafizah Hassan}
}