Botnets: Measurement, Detection, Disinfection and Defence

Citation
European Network and Information Security Agency (ENISA), Botnets: Measurement, Detection, Disinfection and Defence (Mar. 7, 2011) (full-text).

Overview
This report discusses how to assess botnet threats and how to neutralise them. It analyses methods for measuring botnet size and considers how best to assess the threat that botnets pose to different stakeholders. It includes a comprehensive set of 25 different types of best practices for measuring, detecting and defending against botnets.

The countermeasures are divided into three main areas: neutralising existing botnets, preventing new infections, and minimising the profitability of cybercrime using botnets.

The recommendations cover legal, policy and technical aspects of the fight against botnets and give targeted recommendations for different groups.