Identification of Botnet Attacks Using Hybrid Machine Learning Models

  • Conference paper
Hybrid Intelligent Systems (HIS 2019)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1179)

Abstract

Botnet attacks are the new threat in the world of cyber security. Over the last few years, with the rapid growth of IoT-based technology and networking systems connecting large numbers of devices, attackers can deploy bots on the network and perform large-scale cyber-attacks that can affect anything from millions of personal computers to large-scale organizations. Hence, it is necessary to implement countermeasures to overcome botnet attacks. In this paper, three hybrid models are proposed, developed by integrating multiple machine learning algorithms such as Random Forest (RF), Support Vector Machine (SVM), Naive Bayes (NB), K-Nearest Neighbor (KNN) and Linear Regression (LR). According to our experimental analysis, the RF-SVM has the highest accuracy (85.34%) followed by RF-NB-K-NN (83.36%) and RF-KNN-LR (79.56%).

This paper is an extension of Khan N.M., Madhav C. N., Negi A., Thaseen I.S. (2020) Analysis on Improving the Performance of Machine Learning Models Using Feature Selection Technique. In: Abraham A., Cherukuri A., Melin P., Gandhi N. (eds) Intelligent Systems Design and Applications.

Abbreviations

IDS: Intrusion Detection System
KNN: K-Nearest Neighbor
LR: Linear Regression
NB: Naïve Bayes
RF: Random Forest
SVM: Support Vector Machine

Acknowledgement

This research was undertaken with the support of the Scheme for Promotion of Academic and Research Collaboration (SPARC) grant SPARC/2018-2019/P616/SL “Intelligent Anomaly Detection System for Encrypted Network Traffic”.

Author information

Correspondence to Sumaiya Thaseen.

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Pandey, A., Thaseen, S., Aswani Kumar, C., Li, G. (2021). Identification of Botnet Attacks Using Hybrid Machine Learning Models. In: Abraham, A., Shandilya, S., Garcia-Hernandez, L., Varela, M. (eds) Hybrid Intelligent Systems. HIS 2019. Advances in Intelligent Systems and Computing, vol 1179. Springer, Cham. https://doi.org/10.1007/978-3-030-49336-3_25
