A botnet usually comprises a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial of Service (DDoS) Attacks, steal data, send spam, and allow the attacker access to the device and its connection. The owner can control the botnet using command and control (C&C) software.

Botnets are often used by attackers in order to deliver a Distributed Denial of Service (DDoS) attack, a large-scale spam campaign or other types of cyberattacks. Using botnets has become increasingly popular, as seen in the recent Mirai attack on Dyn. This project has a comprehensive botnet timeline that references the botnet/entity name, activity status (active, disabled), year of inception, description, infection vector, propagation method, and any additional information. This current project’s goal is to build an accurate sequential database of botnets, and visualize that data in a meaningful way.