
Botnet Detection

(@f4k3f4c3)
Active Member
Joined: 14 years ago
Posts: 7
Topic starter  

Hi all,
I want to develop botnet detection, so right now I'm just wondering which is the best platform and the most suitable programming language for a networking or detection system?

C, C++, Python, Ruby, Java, etc.?

Can anyone give a suggestion?

/* Disregard my level of skill at solving this in any programming language, and my broken English */


   
binarybod
(@binarybod)
Reputable Member
Joined: 17 years ago
Posts: 272
 

First of all, you need to decide what you want to detect. It's OK saying botnets, but what kind of botnets? What is their means of communication? Whatever level the botnet is working at, you need to work at that, or a lower level.

The lower you go though, the more machine specific you need to be. Java for example is not machine specific and leaves that to the JVM to work out. This is no good if the JVM can't detect the kind of activity you are trying to discover.

On the other hand, you can get C to work almost at the machine code level, but in so doing it will probably fail to work on a large variety of machines or OSes (at least without a lot of effort).

The bottom line is that you need to know what you are looking for and then choose a programming paradigm that will address the problem.

Paul


   
(@xennith)
Estimable Member
Joined: 15 years ago
Posts: 177
 

"On the other hand, you can get C to work almost at the machine code level"

?

Anyhow, what approach are you going to be using to detect botnets? Are you looking for binaries / mutexes / reg artefacts / hooks etc. on a live system? Are you looking at dead machines / memory dumps? Are you looking at net traffic?

Are you planning on using heuristics or signature scanning? Dynamic analysis or static analysis? Sandboxing or not?

Anyway the correct answer is C or C++.


   