Hybrid Botnet Detection Based on Host and Network Analysis

Almutairi, Suzan; Mahfoudh, Saoucène; Almutairi, Sultan; Alowibdi, Jalal S.

doi:10.1155/2020/9024726

Cited by 44 publications

(21 citation statements)

References 17 publications

(34 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[9] NB, BN, & DT 98.00 [10] Not ML method 99.00 [11] ANN, SVM, k-NN, NB, & GBM 97.00 [12] k-NN, DT, & RF 70.00 [13] ANN, SVM, NB, DT, RF, LR. & BNet 99.47 [14] NB & DT 97.00 [15] DT 99.00 [16] K-means 82.10 [17] DT 97.00 [18] RF 86.41 [19] ANN, SVM, & NB 93.90 [44] Not ML method 99.82 [20] k-NN & RF 91.10 [21] ANN 97.87 [22] DT 90.40 [23] DT 99.46 [24] ANN, SVM, & k-NN 99.00 [45] Not ML method 95.50 [46] Not ML method 99.68 [25] SVM & ANN 94.00 [47] Not ML method 99.70 [26] DT & ANN 99.20 [48] Not ML method 99.00 [27] KNN, SVM, DT, RF, & ANN 99.00 [28] SVM 99.15 [29] k-NN 94.00 [49] Not ML method 96.20 [50] Not ML method 99.35 [51] Not ML method 92.92 [52] Not ML method 98.70 [53] Not ML method 97.00 [54] Not ML method 98.70 [55] Not ML method *100 [56] Not ML method 99.94 [57] Not ML method 99.60 [58] Not ML method 98.60 [59] Not ML method 97.20 [30] k-NN, NB, DT, RF, & SVM 91.80 [31] ANN 99.60 This research LR, LR, DT, NB, k-NN, RF, GBM, SVM, K-means, K-medians, mini batch, HC, ANN, DBSCAN, GMM, LAC, AP, and ensemble learning…”

Section: Resultsmentioning

confidence: 99%

Using Ensemble Learning Technique for Detecting Botnet on IoT

Rezaei

2021

SN COMPUT. SCI.

View full text Add to dashboard Cite

Despite the growing reputation and the ubiquitous nature of the IoT, it poses significant challenges as it is also considered a convenient platform for cyberattacks. The connection of various devices without fixed security help attackers in allowing botnet to run high crash DDoS attacks against a range of internet services. The botnet is one of the main security challenges that have the most impact on IoT for several reasons. It allows the private network devices to be infected by malicious software and controlled as a group without the owners' awareness. Botnets are often utilized for sending spam, stealing data, and performing DDoS attacks. As there are many areas of security that utilize machine learning (ML) technology, utilizing ML to detect botnet appears to be realistic and workable. While several studies have been conducted using ML for detecting botnet, they are either not highly accurate or only compatible with specific types of botnet or devices. This study aims to create an ensemble learning model using the best ML methods among supervised learning, unsupervised learning, and regression learning to optimize the accuracy of botnet detection on IoT and minimize the number of features requested. After several examinations in different combinations of ML algorithms, this study managed to achieve 100% accuracy of botnet detection as well as minimizing the number of features to only 20.

show abstract

Section: Resultsmentioning

confidence: 99%

Using Ensemble Learning Technique for Detecting Botnet on IoT

Rezaei

2021

SN COMPUT. SCI.

View full text Add to dashboard Cite

show abstract

“…Multidimensional refers to the combination of multiple detection objects, mainly referring to the combination of network traffic and signature detection. e literature [113] proposed a hybrid botnet detection method HANABot based on a host-side and network analysis; this is a general technology that can detect new botnets in the early stage. e system contains three components: network analysis component, host analysis component, and a test report.…”

Section: Combination Methodmentioning

confidence: 99%

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

Xing

Hui

Zhao

et al. 2021

Mathematical Problems in Engineering

View full text Add to dashboard Cite

With the continuous evolution of the Internet, as well as the development of the Internet of Things, smart terminals, cloud platforms, and social platforms, botnets showing the characteristics of platform diversification, communication concealment, and control intelligence. This survey analyzes and compares the most important efforts in the botnet detection area in recent years. It studies the mechanism characteristics of botnet architecture, life cycle, and command and control channel and provides a classification of botnet detection techniques. It focuses on the application of advanced technologies such as deep learning, complex network, swarm intelligence, moving target defense (MTD), and software-defined network (SDN) for botnet detection. From the four dimensions of service, intelligence, collaboration, and assistant, a common bot detection evaluation system (CBDES) is proposed, which defines a new global capability measurement standard. Combing with expert scores and objective weights, this survey proposes quantitative evaluation and gives a visual representation for typical detection methods. Finally, the challenges and future trends in the field of botnet detection are summarized.

show abstract

“…The paper primarily focuses on comparison to principal component analysis (PCA) and shows that Lanczos method achieves similar results with a 25% reduction in runtime compared to similar approaches. Reference [186] proposes a multi-faceted detection mechanism based on both host and network analysis. The network analysis is based on known botnet behaviour while host analysis is based on the expected host processes and behaviour.…”

Section: Botnet Application Sandboxingmentioning

confidence: 99%

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literature review on botnets is presented to the reader in order to obtain an understanding of the incentives, evolution, detection, mitigation and current trends within the field of botnet research in pervasive computing. The literature review focuses particularly on the topic of botnet detection and the proposed solutions to mitigate the threat of botnets in system security. Botnet detection and mitigation mechanisms are categorised and briefly described to allow for an easy overview of the many proposed solutions. The paper also summarises the findings to identify current challenges and trends within research to help identify improvements for further botnet mitigation research.

show abstract

Hybrid Botnet Detection Based on Host and Network Analysis

Cited by 44 publications

References 17 publications

Using Ensemble Learning Technique for Detecting Botnet on IoT

Using Ensemble Learning Technique for Detecting Botnet on IoT

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Contact Info

Product

Resources

About