Abstract
Botnet detection systems are becoming more important as cybercriminals continue to develop new bot tools and applications. A botnet is a collection of compromised systems connected to a central controller called a botmaster. These compromised devices carry out various malicious activities, such as DDoS attacks, phishing, email spam, identity theft, and stealing users' personal credentials. Because the size of a botnet changes dynamically, botnets are difficult to detect. As long as botmasters keep coming up with new ways to attack, sophisticated solutions for botnet detection are essential. To illustrate how to use these tools, this paper discusses several tools and processes involved in developing a botnet detection system. Different libraries, namely Scikit-learn, Pandas, Theano, Matplotlib, Pickle, and NumPy, are used, and the processes for utilising these tools are illustrated. The extracted features include packet size, packet bytes, source address, destination address, length, and the corresponding protocols. In current machine-learning-based botnet detection systems, feature extraction requires a significant amount of domain expertise and manual work from professionals. Botnets are divided according to the protocol used by the C&C server, such as Internet Relay Chat (IRC), DNS, and P2P. In this paper, we propose a model to detect botnets using three machine learning algorithms: K-Nearest Neighbor (KNN), Decision Tree (DT), and Naive Bayes (NB). In experiments on a dataset, NB performs the best of these three classifiers, with an accuracy of 90.62%.
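The three-classifier comparison described in the abstract can be run with scikit-learn as follows. This is an added example, not the authors' code or dataset: the flow records are constructed, the feature columns and protocol encoding are assumptions, and source and destination addresses are left out of the feature vector so the models cannot memorise hosts. It goes slightly beyond the abstract by reporting recall and false-positive rate beside accuracy.

```python
import numpy as np
from sklearn.metrics import confusion_matrix
from sklearn.model_selection import train_test_split
from sklearn.naive_bayes import GaussianNB
from sklearn.neighbors import KNeighborsClassifier
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.tree import DecisionTreeClassifier

def make_flows(n=600, seed=7):
    """Constructed flows: [packet_size, packet_bytes, length, protocol_code]."""
    rng = np.random.default_rng(seed)
    half = n // 2
    benign = np.column_stack([
        rng.normal(800, 250, half),        # mean packet size (bytes)
        rng.normal(60000, 20000, half),    # bytes per flow
        rng.normal(40, 15, half),          # flow length (packets)
        rng.choice([0, 1, 2], half, p=[0.7, 0.2, 0.1]),  # assumed: 0=TCP 1=UDP 2=DNS
    ])
    bot = np.column_stack([                # small, regular C&C-style flows
        rng.normal(120, 40, half),
        rng.normal(3000, 1500, half),
        rng.normal(12, 5, half),
        rng.choice([0, 2, 3], half, p=[0.2, 0.4, 0.4]),  # assumed: 3=IRC
    ])
    X = np.abs(np.vstack([benign, bot]))   # keep sizes and counts non-negative
    y = np.array([0] * half + [1] * half)  # 0 = benign, 1 = botnet
    return X, y

def compare_classifiers(X, y, seed=7):
    """Train KNN, DT and NB on one stratified split; return metrics per model."""
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    models = {
        "KNN": make_pipeline(StandardScaler(), KNeighborsClassifier(n_neighbors=5)),
        "DT": DecisionTreeClassifier(max_depth=5, random_state=seed),
        "NB": GaussianNB(),
    }
    results = {}
    for name, model in models.items():
        pred = model.fit(X_tr, y_tr).predict(X_te)
        tn, fp, fn, tp = confusion_matrix(y_te, pred, labels=[0, 1]).ravel()
        results[name] = {"accuracy": (tp + tn) / len(y_te), "recall": tp / (tp + fn),
                         "false_positive_rate": fp / (fp + tn)}
    return results

if __name__ == "__main__":
    for name, m in compare_classifiers(*make_flows()).items():
        print(name, {k: round(float(v), 3) for k, v in m.items()})
```

On real captures, split train and test sets by host or capture session rather than by individual flow, otherwise flows from the same infected machine land on both sides and inflate the scores.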
Data Availability
The data are available upon reasonable request to the corresponding authors.
Funding
Not applicable.
Author information
Contributions
All the authors have discussed and constructed the ideas, and wrote the paper together.
Ethics declarations
Conflict of Interest
The authors have no conflict of interest regarding the publication.
Ethical Approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Informed Consent
Informed consent was obtained from all individual participants included in the study.
About this article
Cite this article
Tikekar, P.C., Sherekar, S.S. & Kumar, J. An Approach for Detection of Botnet Based on Machine Learning Classifier. SN COMPUT. SCI. 5, 300 (2024). https://doi.org/10.1007/s42979-024-02636-4
DOI: https://doi.org/10.1007/s42979-024-02636-4