2019
DOI: 10.3390/app9112375

An Adaptive Multi-Layer Botnet Detection Technique Using Machine Learning Classifiers

Abstract: In recent years, the botnets have been the most common threats to network security since they exploit multiple malicious codes like a worm, Trojans, Rootkit, etc. The botnets have been used to carry phishing links, to perform attacks and provide malicious services on the internet. It is challenging to identify Peer-to-peer (P2P) botnets as compared to Internet Relay Chat (IRC), Hypertext Transfer Protocol (HTTP) and other types of botnets because P2P traffic has typical features of the centralization and distri…

Citations: cited by 116 publications (67 citation statements)
References: 48 publications
“…A multi-layered framework for botnet detection is proposed by Khan et al [27], where it is addressed the detection of P2P botnets. This research performs an in-depth analysis of traffic patterns inherent to P2P botnets on which machine learning classifiers can lead to categorize the malicious and normal observations.…”
Section: State Of the Art (citation type: mentioning)
confidence: 99%
“…Random Forest also achieves high detection accuracy (95.11%) and a low false positive rate (0.103). The Ensemble with JRip Classifiers model has been compared with five different methods which are clustering, Neural Network, Recurrent Neural Network [37,38], K-medoids, K-means [12], Long Short-Term Memory (LSTM) [11], and decision trees [10]. The comparative of results in Table 2 show that our proposal Ensemble with JRip Classifiers model achieves better detection accuracy than the existing systems for botnet detection.…”
Section: Results (citation type: mentioning)
confidence: 99%
“…This huge number of malware threats caused by botnets have been planned, each one becoming more resilient, unsafe, and smart. Fortunately, botnet detection methods have also developed, which employ different approaches such as traffic analysis [6][7][8], DNS based methods [9] and machine learning such as decision trees [10], Neural Network [11] and clustering [12].…”
Section: Introduction (citation type: mentioning)
confidence: 99%
“…According to the input metrics detailed in [23], malicious network flows can be outlined in four principal categories (Login, Inputs, Downloads and Geo-location), depending on specific missions for attackers. In general, well-known SL algorithms, including Logistic Regression (LG) [24], Support Vector Machine (SVM) [25], Artificial Neural Networks (ANN) [26], Decision Trees (DT) [27], Random Forest (RF) [27], Bayesian Networks (BN) [28], and Deep Learning (DL) Networks [29] have been fitted to overcome different menaces that directly depend on the conditions, circumstances, and settings in which botnet and IDS attacks are monitored and framed. Remarkable evidence is taken from IRC connections, P2P bots, DNS queries, anomalous traffic footprints, blacklisted IP addresses, irregular or malformed packet lengths, and abnormal intervals of multiple requests and responses over various network protocols [22].…”
Section: Related Work (citation type: mentioning)
confidence: 99%