Botnet Statistics [2009-12-18]

After 8 hours of mental exercise, I have finished writing the needed scripts to combine data from both the old and new detection systems. Hope there is not too many bugs in my scripts. From now on, data presented here will be the combined result. With those scripts in hand, building more detection systems will not take too much effort.

detection period: 2009-12-18 00:00-23:59 UTC
total number of suspected botnet IPs: 3560
number of botnet IPs notified to network operators: 3326

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	1078
2	BSNLNET	404
3	TFN-NET	253
4	APOL-NET	248
5	CHINANET-GD	140
6	002.558.157/0001-62	118
7	AR-TEAR7-LACNIC	94
8	RCOM	58
9	TATACOMM-IN	51
10	002.558.134/0001-58	42

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	Taiwan	1589
2	India	587
3	China	468
4	Brazil	351
5	Argentina	152
6	Russian Federation	77
7	Colombia	27
8	Thailand	22
9	Ethiopia	22
10	Ukraine	21