Full Length Article
Journal of Cybersecurity and Information Management
Volume 0, Issue 1, PP: 44-53, 2019

Title

Performance Analysis of Machine Learning based Botnet Detection and Classification Models for Information Security

  Salah-ddine KRIT 1

1  Professor of Computer Science, Ibn Zohr University, Agadir, Morocco
    (Salahddine.krit@gmail.com)


Doi: https://doi.org/10.54216/JCIM.000104


Abstract :

Botnet detection has become a challenging issue in several domains such as cybersecurity, finance, healthcare, law, order, etc. A botnet is a set of cooperating Internet-connected devices managed by cyber criminals to launch coordinated attacks and carry out different malicious activities. Because botnets evolve dynamically in response to the countermeasures introduced by network- and host-based detection schemes, conventional methods have failed to provide sufficient protection against botnet threats. Therefore, machine learning (ML) models have been developed to detect and classify botnets for cybersecurity. In this view, this paper performs a comprehensive evaluation of different ML-based botnet detection and classification models. The botnet detection model involves a three-stage process, namely preprocessing, feature extraction, and classification. In this study, four ML models, namely C4.5 Decision Tree, bagging, boosting, and AdaBoost, are employed for classification. To highlight the performance of the four ML models, an extensive set of simulations was performed. The obtained results show that the ML models can attain enhanced botnet detection performance.

Keywords :

Information security, Botnet detection, Machine learning, Classification, Cybersecurity


