Robust Early Stage Botnet Detection using Machine Learning

Title: Robust Early Stage Botnet Detection using Machine Learning
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Muhammad, A., Asad, M., Javed, A. R.
Conference Name: 2020 International Conference on Cyber Warfare and Security (ICCWS)
Date Published: Oct. 2020
ISBN Number: 978-1-7281-6840-1
Keywords: Botnet, Botnet detection, botnet detection techniques, botnets, click fraud, Command and Control Channel (C&C), composability, Computer crime, computer network security, cyberattacks, cybersecurity, DDoS, early-stage botnet detection, efficient detection rate, feature extraction, feature selection techniques, fraud, identity theft, invasive software, learning (artificial intelligence), machine learning classifiers, Malware, Metrics, PCA, principal component analysis, Protocols, pubcrawl, Random Forest, resilience, Resiliency, robust early stage botnet detection, security of data, Servers, Support vector machines, telecommunication security

Among the different types of malware, botnets are rising as the most genuine risk against cybersecurity as they give a stage to criminal operations (e.g., Distributed Denial of Service (DDoS) attacks, malware dispersal, phishing, click fraud, and identity theft). Existing botnet detection techniques work only on specific botnet Command and Control (C&C) protocols and lack in providing early-stage botnet detection. In this paper, we propose an approach for early-stage botnet detection. The proposed approach first selects the optimal features using feature selection techniques. Next, it feeds these features to machine learning classifiers to evaluate the performance of the botnet detection. Experiments reveal that the proposed approach efficiently classifies normal and malicious traffic at an early stage. The proposed approach achieves an accuracy of 99%, True Positive Rate (TPR) of 0.99 %, and False Positive Rate (FPR) of 0.007 % and provides an efficient detection rate in comparison with the existing approach.

Citation Key: muhammad_robust_2020