Multilayer Framework for Botnet Detection Using Machine Learning Algorithms
Autor:
Ibrahim, Wan Nur Hidayah
; Anuar, Syahid
; Selamat, Ali
; Krejcar, Ondřej
; González-Crespo, Rubén (1)
; Herrera-Viedma, Enrique
; Fujita, Hamido
Fecha:
2021Palabra clave:
Tipo de Ítem:
Articulo Revista IndexadaDirección web:
https://ieeexplore.ieee.org/document/9359784
Resumen:
A botnet is a malware program that a hacker remotely controls called a botmaster. Botnet can perform massive cyber-attacks such as DDOS, SPAM, click-fraud, information, and identity stealing. The botnet also can avoid being detected by a security system. The traditional method of detecting botnets commonly used signature-based analysis unable to detect unseen botnets. The behavior-based analysis seems like a promising solution to the current trends of botnets that keep evolving. This paper proposes a multilayer framework for botnet detection using machine learning algorithms that consist of a filtering module and classification module to detect the botnet's command and control server. We highlighted several criteria for our framework, such as it must be structure-independent, protocol-independent, and able to detect botnet in encapsulated technique. We used behavior-based analysis through flow-based features that analyzed the packet header by aggregating it to a 1-s time. This type of analysis enables detection if the packet is encapsulated, such as using a VPN tunnel. We also extend the experiment using different time intervals, but a 1-s time interval shows the most impressive results. The result shows that our botnet detection method can detect up to 92% of the f-score, and the lowest false-negative rate was 1.5%.
Este ítem aparece en la(s) siguiente(s) colección(es)
Estadísticas de uso
Año |
2012 |
2013 |
2014 |
2015 |
2016 |
2017 |
2018 |
2019 |
2020 |
2021 |
2022 |
2023 |
Vistas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
44 |
61 |
1 |
Descargas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
Ítems relacionados
Mostrando ítems relacionados por Título, autor o materia.
-
Enhancing big data feature selection using a hybrid correlation-based feature selection
Mohamad, Masurah; Selamat, Ali; Krejcar, Ondrej; González-Crespo, Rubén (1); Herrera-Viedma, Enrique; Fujita, Hamido (2021)This study proposes an alternate data extraction method that combines three well-known feature selection methods for handling large and problematic datasets: the correlation-based feature selection (CFS), best first search ... -
A recommender system based on implicit feedback for selective dissemination of ebooks
Núñez-Valdez, Edward Rolando; Quintana, David; González-Crespo, Rubén (1); Isasi, Pedro; Herrera-Viedma, Enrique (Information Sciences, 10/2018)In this study, we describe a recommendation system for electronic books. The approach is based on implicit feedback derived from user's interaction with electronic content. User's behavior is tracked through several ... -
Dealing with group decision-making environments that have a high amount of alternatives using card-sorting techniques
Morente-Molinera, Juan Antonio; Ríos Aguilar, Sergio (1); González-Crespo, Rubén (1); Herrera-Viedma, Enrique (Expert Systems with Applications, 01/08/2019)Due to the appearance of Web 2.0 technologies and smartphones, the amount of information available to carry out group decision-making processes has increased dramatically. Therefore, there is a need for group decision-making ...