A real-time botnet detection model based on an efficient wrapper feature selection method

Cited by: 0
Authors
Farahmand-Nejad A. [1]
Noferesti S. [1]
Affiliations
[1] Information Technology Department, Faculty of Electrical and Computer Engineering, University of Sistan and Baluchestan, Zahedan
Keywords
Botnet attacks; Botnets; Feature selection; Machine learning; Network security; Real-time; Support vector machine; SVM; WCC; World competitive contests algorithm; Wrapper methods
DOI
10.1504/ijsn.2020.10028190
Chinese Library Classification (CLC) number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Botnets are one of the most widespread and serious threats of cybersecurity that have infected millions of computers around the world over the past few years. Previous research has shown that machine learning methods can accurately detect botnet attacks. However, these methods often do not address the problem of real-time botnet detection, which is one of the main challenges in this area and is essential to prevent the damage caused by botnet attacks. This paper aims to present an efficient real-time model for botnet detection. In the proposed method, a subset of the effective features in detecting the bot traffic is initially selected using the world competitive contests algorithm. Then, based on the selected features, a support vector machine model is created offline to detect real-time bot traffic from the normal one. The test results show that the proposed method can detect botnets with 95% accuracy and outperforms other methods. Copyright © 2020 Inderscience Enterprises Ltd.
Pages: 36-45
Number of pages: 9