Botnet and Malware Detection and Prevention: Development, Deployment, and Research

      Botnets (殭屍網路) and malware (惡意軟體) are currently a serious nuisance to network users: botnets are used to send thousands of spam messages, malware is used to steal account credentials, and so on. If a government agency were compromised by a botnet or by malware, the resulting losses would be hard to estimate. To find a way to respond, this project is planned to proceed step by step over three years (Beta Trial, Deployment, Research), developing a series of detection, reporting, cleanup and prevention techniques against botnets and malware, integrating them with industry products, and ultimately deploying the systems on the major campus networks.

      In the first year, we will invite products from vendors that currently claim to be able to address botnet/malware problems to take part in a public test. Through this test we can gain a thorough understanding of the methods the industry currently uses and of their technical shortcomings, which can then serve as the basis for our own research and development of botnet/malware solutions. In addition, we will set up a test network platform (Beta Site) so that the system prototypes produced during development have a realistic environment for debugging and improvement; vendor products will also be deployed on this platform so that their effectiveness can be observed and used as a reference for future research directions. The Network Benchmarking Laboratory (NBL) at National Chiao Tung University has extensive experience and a proven record on both of the first-year work items, so we plan to cooperate with NBL to obtain the best results. In the second year, we will begin research and development of the technologies behind the botnet/malware solutions, covering four key areas: detection, reporting, cleanup and prevention. Because product development is not the strength of academia, we will actively establish a joint development model with industry vendors in which academic staff lead the technical research and industry staff lead product development. Another task in this year is to cooperate with the sites connected to the regional network center, or with other regional network centers, to deploy the botnet/malware solutions and expand their adoption. In the third year, the focus remains on research and development of the botnet/malware solution technologies: deploying the solutions across the major networks in the previous year will certainly have surfaced many problems, and the work of this year is to fix them. At the same time, the solutions will be extended to more academic and research networks.

      Botnets (zombie networks) and malware (malicious software) are now a serious source of distress to many Internet users. This is mainly because we frequently hear of spammers sending thousands of spam messages to organizations through botnet hosts, of attackers stealing large amounts of personal information (including authentication credentials) using malware, and so on. In particular, if the government sector were compromised by a botnet or by malware, the result would be a disaster and the damage difficult to assess. Therefore, in this proposal we propose a gradual and orderly three-year research project (beta trial, deployment, research) to come up with a series of solutions and preventive measures against malware and botnets, using techniques such as detection, reporting, and cleanup.
      In the first year, we will invite security vendors to provide products capable of dealing with botnet/malware issues and will conduct a public evaluation of those products. Through this evaluation we can gain a better understanding of the state-of-the-art operating principles of the industry's products and try to identify the technical shortcomings of each vendor product. In addition, we will establish a network test platform (Beta Site) so that we have a real test environment to facilitate debugging and development of the prototype systems. At the beta site we will also deploy the vendors' products to observe their effectiveness and collect reference information to guide future research. The Network Benchmarking Laboratory (NBL) at National Chiao Tung University has a wealth of experience and a proven record on both of these major tasks, and we plan to cooperate with NBL to achieve the best results. In the second year, we will begin research and development on the related technologies, covering four major areas: detection, reporting, cleanup, and prevention measures. Since academic groups are usually not as strong in product development as industry, we will actively co-work with security industry developers to establish a mutual cooperation model for product research and development: the academic side leads the technology research, while the industry side leads product development. Another important task in this year is to co-work with the local connecting sites of the Hsinchu-Miaoli Regional Center (HCRC) and/or other Regional Centers of TANet to further expand the deployment of the anti-botnet systems.
      In the third year, after collecting the experience from the previous year's deployment of the botnet/malware solutions, the focus lies on the many real problems that will inevitably have been found in using the systems; we are expected to work out solutions to fix them and to keep improving the systems. We would also like to help deploy the botnet/malware solutions to more academic and research sites.