Hybrid Machine Learning Technique to Detect Active Botnet Attacks for Network Security and Privacy

Venkatesan C, Thamaraimanalan T, Balamurugan D, Gowrishankar J, Manjunath R, Sivaramakrishnan A
Journal: International journal of machine learning and computing (volume 51 1). Published: 2023-10-05. Publication type: Journal Article. DOI: 10.53759/7669/jmc202303044 (https://doi.org/10.53759/7669/jmc202303044)
Citation count: 0

Abstract

A botnet is a malware application controlled from a distance by a programmer with the assistance of a botmaster. Botnets can launch enormous cyber-attacks like Denial-of-Service (DoS), phishing, spam, data stealing, and identity theft. The botnet can also affect the security and privacy of the systems. The conventional approach to detecting botnets is signature-based analysis, which cannot discover botnets that are not visible. Behavior-based analysis appears to be an appropriate solution to the current botnet characteristics, which are constantly developing. This paper aims to develop an efficient botnet detection algorithm using machine learning with traffic reduction to increase accuracy. Based on behavioural analysis, a traffic reduction strategy is applied to reduce network traffic to improve overall system performance. Several network devices are typically used to retrieve network traffic information. With a detection accuracy of 98.4%, the known and unknown botnet activities are measured using the supplied datasets. The machine learning-based traffic reduction system has achieved a high rate of traffic reduction, about 82%, and false-positive rates range from 0% to 2%. Both findings demonstrate that the suggested technique is efficient and accurate.