Identifying Botnets within the Traffic Generated By a Network in Two Different Datasets

Grace Bunmi Akintola¹

1. Dept. of Cyber Security, Nigerian Defence Academy, Kaduna, Nigeria.

Section:Research Paper, Product Type: Journal-Paper
Vol.12 , Issue.4 , pp.77-93, Aug-2024

Online published on Aug 31, 2024

Copyright © Grace Bunmi Akintola . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

68 Views    80 Downloads    14 Downloads

Abstract :
The impact of cyber-attacks on organizational and private networks has been significant, causing extensive damage and posing serious threats to cybersecurity. This is largely due to the increasing sophistication of malicious hackers, making the detection and mitigation of these attacks more challenging. One such attack is the botnet attack, which involves using compromised systems to launch attacks, including Denial of Service (DoS) attacks, against victim systems. As a result, comprehensive literature reviews have been conducted to examine existing botnet defense and detection techniques, with a particular focus on machine learning due to its effectiveness in identifying and classifying botnet attacks within networks. This paper presents the development of an Artificial Neural Network (ANN) model, a supervised machine learning technique, using MATLAB software for creating, training, and simulating networks. Two datasets, KDD CUP’99 and UNSW-NB15, were used to demonstrate the effectiveness of the proposed model by extracting the same set of features from both. The model achieved classification accuracies of 99.88% and 96% for the respective datasets. A confusion matrix plot was used to illustrate these accuracy values in detail, further validating the model`s effectiveness by showing very low false negative and false positive rates in identifying and grouping botnet attacks.

Key-Words / Index Term :
Botnets, Networks, Machine Learning, MATLAB, DoS attacks, detection techniques, and datasets

References :
[1] Forti and S. Héroux, “Limited usefulness of firm-provided cybersecurity information in institutional investors’ investment analysis,” Information and Computer Security, vol. 31, Issue 3, pp. 108-123, 2023.
[2] M. R. Kadri, A. Abdelli, J. B. Othman and L. Mokdad, “Survey and classification of Dos and DDos attack detection and validation approaches for IoT environments,” Internet of Things, vol. 25, Issue101021, pp. 1-44, 2024.
[3] H. P. S and J. R, “A Survey on the Applications of Machine Learning in Identifying Predominant Network Attacks,” International Journal of Scientific Research in Computer Science and Engineering, vol. 11, Issue 5, pp. 16-22, 2023.
[4] G. Onuh and P. Owa, “Implementation of Slowloris Distributed Denial of Service (DDOS) Attack on Web Servers,” International Journal of Scientific Research in Computer Science and Engineering, vol. 10, Issue 2, pp. 11-15, 2022.
[5] S. Srinivasan and P. Deepalakshmi, “ENetRM: ElasticNet Regression Model based malicious cyber-attacks prediction in real-time server,” Measurement: Sensors, vol. 25, Issue 100654, pp. 1-10, 2023.
[6] P. Bisht and M. S. Rauthan, “Machine Learning and Natural Language Processing Based Web Application Firewall for Mitigating Cyber Attacks in Cloud,” International Journal of Scientific Research in Computer Science and Engineering, vol. 11, Issue 3, pp. 01-15, 2023.
[7] L. D’hooge, M. V. Wauters, F. D. Turck and B. Volckaert, “Investigating Generalized Performance of Data-Constrained Supervised Machine Learning Models on Novel, Related Samples in Intrusion Detection,” Sensors, vol. 23, Issue 4, pp. 1-39, 2023.
[8] D. Pecioski, V. Gavriloski, S. Domazetovska, and A. Ignjatovska, “An overview of reinforcement learning techniques,” in 2023 12th Mediterranean Conference on Embedded Computing (MECO), Budva, Montenegro, 2023.
[9] K. A. Okewale, I. R. Idowu, B. S. Alobalorun and F. A. Alabi, “Effective Machine Learning Classifiers for Intrusion Detection in Computer Network,” International Journal of Scientific Research in Computer Science and Engineering, vol. 11, Issue 2, pp. 14-22, 2023.
[10] D. Gibert, J. Planes, C. Mateu and Q. Le, “Fusing feature engineering and deep learning: A case study for malware,” Expert Systems With Applications, vol. 207, Issue 117957, pp. 1-18, 2022.
[11] S. Kayikci and T. M. Khoshgoftaar, “Blockchain meets machine learning: a survey,” Journal of Big Data, vol. 11, Issue 9, pp. 1-29, 2024.
[12] M. H. Thwaini, “Anomaly Detection in Network Traffic using Machine Learning for Early Threat,” Data & Metadata, vol. 1, Issue 34, pp. 1-16, 2022.
[13] S. Sheng and X. Wang, “Network traffic anomaly detection method based on chaotic neural network,” Alexandria Engineering Journal, vol. 77, pp. 567-579, 2023.
[14] H. Liu and H. Wang, “Real-Time Anomaly Detection of Network Traffic Based on CNN,” Symmetry, vol. 15, Issue 6, pp. 1-21, 2023.
[15] F. Hu, S. Zhang, X. Lin, L. Wu, N. Liao and Y. Song, “Network traffic classification model based on attention mechanism and spatiotemporal features,” EURASIP Journal on Information Security, vol. 1, Issue 6, pp. 1-25, 2023
[16] I. H. Ji, J. H. Lee, M. J. Kang, W. J. Park, S. H. Jeon and J. T. Seo, “Artificial Intelligence-Based Anomaly Detection Technology over Encrypted Traffic: A Systematic Literature Review,” Sensors, vol. 24, Issue 3, pp. 1-30, 2024.
[17] W. Hu, L. Cao, Q. Ruan, and Q. Wu, “Research on Anomaly Network Detection Based on Self-Attention Mechanism,” Sensors, vol. 23, Issue 11, pp. 1-17, 2023.
[18] K. Lu, “Network Anomaly Traffic Analysis,” Academic Journal of Science and Technology, vol. 10, Issue 3, pp. 65-68, 2024.
[19] Z. Dang, Y. Zheng, X. Lin, C. P. Q. Chen and X. Gao, “Semi-Supervised Learning for Anomaly Traffic Detection via Bidirectional Normalizing Flows,” arXiv, vol. 1, pp. 1-14, 2024.
[20] S. Zehra, U. Faseeha, H. J. Syed, F. Samad, A. O. Ibrahim, A. W. Abulfaraj and W. Nagmeldin, “Machine Learning-Based Anomaly Detection in NFV: A Comprehensive Survey,” Sensors, vol. 23, Issue 11, pp. 1-26, 2023.
[21] S. Padhiar and R. Patel, “Performance evaluation of botnet detection using machine learning techniques,” International Journal of Electrical and Computer Engineering (IJECE), vol. 13, Issue 6, pp. 6827-6835, 2023.
[22] M. Al-farttoosi and H. Abdulkader, “Botnet Mobile Detection Using Machine & Deep Learning Techniques,” in 2022 Iraqi International Conference on Communication and Information Technologies (IICCIT), Basrah, Iraq, 2022.
[23] M. Swami, A. Yadnik, A. Jagtap, K. Bhilare and M. Wagh, “BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW,” International Research Journal of Engineering and Technology (IRJET), vol. 09, Issue 12, pp. 125-132, 2022.
[24] C. Joshi, V. Bharti and R. K. Ranjan, “Botnet Detection Using Machine Learning Algorithms,” in Proceedings of the International Conference on Paradigms of Computing, Communication and Data Sciences, Singapore, 2021.
[25] J. Forough, “Anomaly Detection and Resolution for Edge Clouds,” in Machine Learning for Anomaly Detection, Sweden, IEEE, 2024, pp. 11-25.
[26] S. A. Hussein and S. R. Répás, “Enhancing Network Security through Machine Learning-Based Anomaly Detection Systems,” International Journal of Intelligent Systems and Applications in Engineering, vol. 12, Issue 215, pp. 1929-1935, 2024.
[27] M. Landauer, S. Onder, F. Skopik and M. Wurzenberger, “Deep learning for anomaly detection in log data: A survey,” Machine Learning with Applications, vol. 12, Issue 100470, pp. 1-19, 2023.
[28] M. ALI, M. S. M. F. MUSHTAQ, SULTAN, M. S., and I. ASHRAF, “Hybrid Machine Learning Model for Efficient Botnet Attack Detection in IoT Environment,” IEEE ACCESS, vol. 1, Issue 1, pp. 1-19, 2024.
[29] J. Ashraf, M. Keshk, N. Moustafa, M. Abdel-Basset, H. Khurshid, A. D. Bakhshi and R. R. Mostafa, “IoTBoT-IDS: A novel statistical learning-enabled botnet detection framework for protecting networks of smart cities,” Sustainable Cities and Society, vol. 72, Issue 103041, 2021.
[30] C. G. Cordero, E. Vasilomanolakis, A. Wainakh, M. Mühlhäuser, and S. N. Tehrani, “On Generating Network Traffic Datasets with Synthetic Attacks for Intrusion Detection,” ACM Transactions on Privacy and Security, vol. 24, Issue 2, pp. 1-39, 2021.
[31] E. P. VALENTINI, G. P. R. FILHO, R. E. D. GRANDE, C. M. RANIERI, L. A. P. JÚNIOR and R. I. MENEGUETTE, “A Novel Mechanism for Misbehavior Detection in Vehicular Networks,” IEEE, vol. 11, pp. 68113-68126, 2023.
[32] A. Z. Umar and Y. Galadima, “Detecting Anomalies In Network Traffic Using a Hybrid of Linear-based and Tree-based Feature Selection Approaches,” in International Conference on Computing and Advances in Information Technology (ICCAIT 2023), Ahmadu Bello University, Zaria, Nigeria, 2023.
[33] S. Choudharya and N. Kesswani, “Analysis of KDD-Cup’99, NSL-KDD, and UNSW-NB15 Datasets using Deep Learning in IoT,” in International Conference on Computational Intelligence and Data Science (ICCIDS 2019), Rajasthan, India, 2020.
[34] S. More, M. Idrissi, H. Mahmoud and A. T. Asyhar, “Enhanced Intrusion Detection Systems Performance with UNSW-NB15 Data Analysis,” aligorithms, vol. 17, Issue 64, pp. 1-16, 2024.
[35] T. A. S. Srinvias, A. D. Donald, M. Sameena, K. Rekha and I. D. Srihith, “Unlocking the Power of Matlab: A Comprehensive Survey,” International Journal of Advanced Research in Science, Communication and Technology (IJARSCT), vol. 3, Issue 1, pp. 20-31, 2023.
[36] Y. SAHLI, “A comparison of the NSL-KDD dataset and its predecessor the KDD Cup’99 dataset,” International Journal of Scientific Research and Management (IJSRM), vol. 10, Issue 4, pp. 832-839, 2022.
[37] I. Dutt, S. Borah and I. K. Maitra, “Pre-Processing of KDD’99 & UNSW-NB Network Intrusion Datasets,” Turkish Journal of Computer and Mathematics Education, vol. 12, Issue 11, pp. 1762- 1776, 2021.
[38] M. Gelgi, Y. Guan, S. Arunachala, M. S. S. Rao, and N. Dragoni, “Systematic Literature Review of IoT Botnet DDOS Attacks and Evaluation of Detection Techniques,” Sensors, vol. 24, Issue 11, pp. 1-37, 2024.
[39] O. Valenzuela, A. Catala, D. Anguita and I. Rojas, “New Advances in Artificial Neural Networks and Machine Learning Techniques,” Neural Process Letters, vol. 55, Issue 1, pp. 5269-5272, 2023.
[40] S. Hartanto, “The Impact of Smurf Attack on Web Server in Communication Network and its Preventions,” International Journal of Sustainable Applied Sciences (IJSAS), vol. 1, Issue 1, pp. 35-46, 2023.
[41] M. B. Anley, A. Genovese, D. Agostinello and V. Piuri, “Robust DDoS attack detection with adaptive transfer learning,” Computers & Security, vol. 144, Issue 103962, pp. 1-10, 2024.
[42] M. M. Abualhaj, A. A. Abu-Shareha, M. O. Hiari, Y. Alrabanah, M. Al-Zyoud and M. A. Alsharaiah, “A Paradigm for DoS Attack Disclosure using Machine Learning Techniques,” (IJACSA) International Journal of Advanced Computer Science and Applications, vol. 13, Issue 3, pp. 192-200, 2022.
[43] J. H. Yousif and H. A. Kazem, “Prediction and evaluation of photovoltaic-thermal energy systems production using artificial neural network and experimental dataset,” Case Studies in Thermal Engineering, vol. 27, Issue 101297, pp. 1-13, 2021.
[44] W. Ahmed, A. Chaudhary, and G. Naqvi, “Role of Artificial Neural Networks in AI,” Neuro Quantology, vol. 20,. Issue 13, pp. 3365-3373, 2022.
[45] Y. D. Jian Liu, Y. Liu, L. Chen, Z. Hu, P. Wei and Z. Li, “A logistic-tent chaotic mapping Levenberg Marquardt algorithm for improving positioning accuracy of grinding robot,” Scientific Reports, vol. 14, Issue 9649, pp. 1-15, 2024.
[46] M. K. Hasan, A. A. Habib, S. Islam, N. Safie and B. Pandey, “DDoS: Distributed denial of service attack in communication standard vulnerabilities in smart grid applications and cyber security with recent developments,” Energy Reports, vol. 9, Issue 10, pp. 1318-1326, 2023.
[47] C. G. Udomboso and O. O. Ilori, “A DERIVED HETEROGENEOUS TRANSFER FUNCTION FROM CONVOLUTION OF SYMMETRIC HARDLIMIT AND HYPERBOLIC TANGENT SIGMOID TRANSFER FUNCTIONS,” Journal of Science and Technology, vol. 40, Issue 1, pp. 27-37, 2022.
[48] T. Y. Li, H. Xiang, Y. Yang, J. Wang and G. Yildiz, “Prediction of char production from slow pyrolysis of lignocellulosic biomass using multiple nonlinear regression and artificial neural network,” Journal of Analytical and Applied Pyrolysis, vol. 159, no. Issue 105286, 2021.
[49] I. Dubdub, “Pyrolysis Study of Mixed Polymers for Non-Isothermal TGA: Artificial Neural Networks Application,” Polymers, vol. 14, Issue 2638, pp. 1-10, 2022.
[50] A. A. R. A.-c. Omar, B. Soudan and A. Altaweel, “A comprehensive survey on detection of sinkhole attack in routing over low power and Lossy network for internet of things,” Internet of things, vol. 22, Issue 100750, 2023.
[51] E.-M. Nikolados, A. Wongprommoon, O. M. Aodha, G. Cambray and D. A. Oyarzún, “Accuracy and data efficiency in deep learning models of protein expression,” Nature communications, vol. 13, Issue 7755, pp. 1-12, 2023.
[52] T. F. Monaghan, S. N. Rahman, C. W. Agudelo, A. J. Wein, J. M. Lazar, K. Everaert and R. R. Dmochowski, “Foundational Statistical Principles in Medical Research: Sensitivity, Specificity, Positive Predictive Value, and Negative Predictive Value,” Medicina, vol. 57, Issue 503, pp. 1-7, 2021.
[53] L.-E. Pommé, R. Bourqui, R. Giot and D. Auber, “Relative Confusion Matrix: Efficient Comparison of Decision Models,” in 2022 26th International Conference Information Visualisation (IV), Vienna, Austria, 2022.
[54] E. U. H. Qazi, M. H. Faheem and T. Zia, “HDLNIDS: Hybrid Deep-Learning-Based Network Intrusion Detection System,” Applied Sciences, vol. 13, Issue 4921, pp. 1-16, 2023.
[55] M. Bhavsar, K. Roy, J. Kelly and O. Olusola, “Anomaly based intrusion detection system for IoT application,” Discover Internet of Things, vol. 3, Issue 5, pp. 1-23, 2023.
[56] A. Ayantayo, A. Kaur, A. Kour, X. Schmoor, F. Shah, I. Vickers, P. K. and M. M. Abdelsamea, “Network intrusion detection using feature fusion with deep learning,” Journal of Big Data, vol. 10, Issue 67, pp. 1-24, 2023.
[57] S. Srinivasan and D. P, “Enhancing the security in cyber-world by detecting the botnets using ensemble classification based machine learning,” Measurement: Sensors, vol. 25, Issue 100624, pp. 1-7, 2023.