Abstract
Botnets are one of the most serious cybersecurity threats facing organizations today. Although research on botnet analysis and detection has produced many results, botnets remain highly concealed and difficult to identify. We therefore propose a botnet detection method based on a negative selection algorithm (NSA) and a dilated residual network (DRN). The method uses our improved NSA to expand the preprocessed, dimensionally reduced malicious traffic data for classes with few samples, and then extracts useful features of network traffic from two dimensions through an SENet-based DRN combined with a BiGRU. Experimental results on the CICIDS-2017 and UNSW-NB15 datasets show that our proposed method achieves high accuracy for botnet detection and improves the detection accuracy of rare malicious traffic (99.99% and 99.96%). In addition, an ablation study further demonstrates the good generalization ability and robustness of our method in botnet detection.
Acknowledgement
This research was supported by Sichuan Science and Technology Program (No. 2022YFG0339).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yin, Z., Qin, R., Ye, C., He, F., Zhang, L. (2024). Botnet Detection Method Based on NSA and DRN. In: Luo, B., Cheng, L., Wu, ZG., Li, H., Li, C. (eds) Neural Information Processing. ICONIP 2023. Communications in Computer and Information Science, vol 1968. Springer, Singapore. https://doi.org/10.1007/978-981-99-8181-6_40
DOI: https://doi.org/10.1007/978-981-99-8181-6_40
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-8180-9
Online ISBN: 978-981-99-8181-6
eBook Packages: Computer Science, Computer Science (R0)