Botnet Detection Method Based on NSA and DRN

  • Conference paper
Neural Information Processing (ICONIP 2023)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1968))

Abstract

Botnets are one of the most serious cybersecurity threats facing organizations today. Although research on botnet analysis and detection has produced many results, botnets remain highly concealed and difficult to identify. We therefore propose a botnet detection method based on NSA and DRN. The method uses our improved NSA to expand the preprocessed, dimensionally reduced malicious traffic data that has fewer samples, and then extracts useful features of network traffic from two dimensions using an SENet-based DRN combined with BiGRU. Experimental results on the CICIDS-2017 and UNSW-NB15 datasets show that the proposed method achieves high accuracy for botnet detection and improves the detection accuracy of rare malicious traffic (99.99% and 99.96%). In addition, an ablation study further demonstrates the good generalization ability and robustness of our method in botnet detection.

Acknowledgement

This research was supported by Sichuan Science and Technology Program (No. 2022YFG0339).

Author information

Correspondence to Renchao Qin.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Yin, Z., Qin, R., Ye, C., He, F., Zhang, L. (2024). Botnet Detection Method Based on NSA and DRN. In: Luo, B., Cheng, L., Wu, ZG., Li, H., Li, C. (eds) Neural Information Processing. ICONIP 2023. Communications in Computer and Information Science, vol 1968. Springer, Singapore. https://doi.org/10.1007/978-981-99-8181-6_40

  • DOI: https://doi.org/10.1007/978-981-99-8181-6_40

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-8180-9

  • Online ISBN: 978-981-99-8181-6

  • eBook Packages: Computer Science, Computer Science (R0)
