Botnet Statistics [2009-12-15]

I set up another botnet detection system about 10 days ago. Although it employees the same detection technique as the old one, the results are vastly different. Almost all botnet computers it detected were located in Taiwan, but I can't explain it. Today I tried to combine the botnet statistics from both systems.

detection period: 2009-12-15 00:00-23:59 UTC
total number of suspected botnet IPs: 5408
number of botnet IPs notified to network operators: 5178

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	2585
2	CHINANET-GD	544
3	APOL-NET	461
4	BSNLNET	233
5	TFN-NET	183
6	002.558.157/0001-62	99
7	AR-TEAR7-LACNIC	85
8	TATACOMM-IN	41
9	UNICOM-SD	38
10	RCOM	38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	Taiwan	3229
2	China	837
3	India	367
4	Brazil	288
5	Argentina	140
6	United States	97
7	Russian Federation	78
8	Colombia	29
9	South Korea	26
10	Ukraine	25