Abstract: Based on a detailed study of the protocols and mechanisms by which P2P botnets operate, this paper proposes a detection algorithm based on traffic analysis. Traffic is captured at a layer-3 switch and partitioned into sets by shared field values, yielding three vector sets: source address, destination address and packet size. A suitably sized sliding time window is then defined, and a connection-success-rate algorithm analyses each window dynamically so that P2P bot hosts can be located quickly, providing a basis for botnet detection.
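The following is an added illustration, not code from the paper, of the pipeline the abstract describes: per-source partitioning into destination-address and packet-size sets, then a sliding time window over which a connection success rate is computed. The sample flows, the decision rule (a source with at least `min_attempts` connection attempts in the window and a success rate at or below `max_success_rate` is flagged, reflecting peer churn in P2P bots), the `success` field (taken here to mean the TCP handshake completed) and all parameter values are assumptions made for the example; the paper's actual thresholds and features are not given in the abstract.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    ts: float      # seconds since capture start
    src: str       # source address
    dst: str       # destination address
    size: int      # packet size in bytes
    success: bool  # assumption: True when the TCP handshake completed


def build_sample_flows():
    """Constructed sample traffic (not a real capture)."""
    flows = []
    # Benign host: repeated connections to two servers, all succeed.
    servers = ["93.184.216.34", "151.101.1.69"]
    for i in range(4):
        flows.append(Flow(ts=1.0 + i, src="10.0.0.5",
                          dst=servers[i % 2], size=60 + i, success=True))
    # Hypothetical P2P bot probing its peer list; most peers are offline,
    # so only every fourth attempt succeeds.
    for i in range(12):
        flows.append(Flow(ts=2.0 + i * 0.5, src="10.0.0.9",
                          dst=f"203.0.113.{i + 1}", size=60,
                          success=(i % 4 == 0)))
    return sorted(flows, key=lambda f: f.ts)


def partition_by_source(flows):
    """Preprocessing step: group flows by source address and collect the
    destination-address set and packet-size set for each source."""
    groups = defaultdict(list)
    for f in flows:
        groups[f.src].append(f)
    return {src: {"dsts": {f.dst for f in fl},
                  "sizes": {f.size for f in fl},
                  "flows": fl}
            for src, fl in groups.items()}


def sliding_window_stats(flows, window_s):
    """For every flow (in time order) return the per-source statistics of the
    window that ends at that flow: (ts, src, attempts, successes, distinct dsts)."""
    recent = defaultdict(deque)
    stats = []
    for f in flows:
        q = recent[f.src]
        q.append(f)
        # Drop entries that fell out of the window [ts - window_s, ts].
        while q and q[0].ts < f.ts - window_s:
            q.popleft()
        attempts = len(q)
        successes = sum(1 for x in q if x.success)
        stats.append((f.ts, f.src, attempts, successes, len({x.dst for x in q})))
    return stats


def detect_bots(flows, window_s=10.0, min_attempts=8, max_success_rate=0.5):
    """Flag sources whose connection success rate within a window is low
    despite many attempts. Thresholds are assumed values for the example."""
    suspects = {}
    for ts, src, attempts, successes, ndst in sliding_window_stats(flows, window_s):
        if src in suspects or attempts < min_attempts:
            continue
        rate = successes / attempts
        if rate <= max_success_rate:
            suspects[src] = {"first_flagged_at": ts, "attempts": attempts,
                             "success_rate": rate, "distinct_dsts": ndst}
    return suspects


if __name__ == "__main__":
    sample = build_sample_flows()
    for src, info in partition_by_source(sample).items():
        print(src, "dsts:", len(info["dsts"]), "sizes:", sorted(info["sizes"]))
    print(detect_bots(sample))
```

The benign host makes too few attempts to be evaluated, while the probing host reaches eight attempts at t=5.5 s with only two successes and is flagged; the distinct-destination count is reported alongside the rate because a low success rate spread over many different peers is a stronger P2P indicator than repeated failures against one unreachable server.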