
An Approach for Detection of Botnet Based on Machine Learning Classifier

  • Original Research
  • SN Computer Science

Abstract

Botnet detection systems are becoming more important as cybercriminals continue to develop new bot tools and applications. A botnet is a collection of compromised systems connected to a central controller called a botmaster. These compromised devices carry out various malicious activities, such as DDoS attacks, phishing, email spam, identity theft, and stealing users' personal credentials. Because botnet size changes dynamically, botnets are difficult to detect. As long as botmasters keep coming up with new ways to attack, sophisticated solutions for botnet detection are essential. This paper discusses several tools and processes involved in developing a botnet detection system and illustrates how to use them. Libraries including Scikit Learn, Pandas, Theano, Matplotlib, Pickle, and NumPy are used. The extracted features include packet size, packet bytes, source address, destination address, length, and the corresponding protocols. In current machine learning-based botnet detection systems, feature extraction requires a significant amount of domain expertise and manual work from professionals. Botnets are divided by the protocol used by the C&C server, such as Internet Relay Chat, DNS, and P2P. In this paper, we propose a model to detect botnets using three machine learning algorithms: K-Nearest Neighbor (KNN), Decision Tree (DT), and Naive Bayes (NB). In experiments on a dataset, NB performs the best of the three classifiers, with an accuracy of 90.62%.
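As an added illustration (not the authors' code, dataset, or results), the sketch below trains two of the three classifier types named in the abstract, Gaussian Naive Bayes and KNN, on flow features and scores them on a hold-out split. It uses only the Python standard library; the two features, their distributions, and all function names are assumptions, and the flow records are constructed, so the accuracies are not comparable to the paper's figure.

```python
import math
import random
from collections import Counter

# Constructed flow records, not real traffic: (mean packet length in bytes,
# packets per flow), label 1 = bot, 0 = benign. Distributions are assumptions.
def make_flows(n, rng):
    flows = []
    for _ in range(n):
        if rng.random() < 0.5:
            flows.append(((rng.gauss(120, 40), rng.gauss(8, 4)), 1))
        else:
            flows.append(((rng.gauss(800, 200), rng.gauss(40, 15)), 0))
    return flows

def fit_gaussian_nb(train):
    """Per class: prior, then per-feature mean and variance."""
    model = {}
    for label in {y for _, y in train}:
        rows = [x for x, y in train if y == label]
        means = [sum(col) / len(col) for col in zip(*rows)]
        variances = [sum((v - m) ** 2 for v in col) / len(col) + 1e-9
                     for col, m in zip(zip(*rows), means)]
        model[label] = (len(rows) / len(train), means, variances)
    return model

def predict_nb(model, x):
    """Pick the class with the highest log prior + summed log likelihoods."""
    def log_posterior(label):
        prior, means, variances = model[label]
        return math.log(prior) + sum(
            -0.5 * math.log(2 * math.pi * var) - (v - m) ** 2 / (2 * var)
            for v, m, var in zip(x, means, variances))
    return max(model, key=log_posterior)

def predict_knn(train, x, k=5):
    """Majority label among the k nearest training flows (Euclidean)."""
    nearest = sorted(train, key=lambda row: math.dist(row[0], x))[:k]
    return Counter(y for _, y in nearest).most_common(1)[0][0]

def accuracy(predict, test):
    return sum(predict(x) == y for x, y in test) / len(test)

def evaluate(seed=7):
    rng = random.Random(seed)  # fixed seed so the split is reproducible
    train, test = make_flows(400, rng), make_flows(200, rng)
    model = fit_gaussian_nb(train)
    return {"NB": accuracy(lambda x: predict_nb(model, x), test),
            "KNN": accuracy(lambda x: predict_knn(train, x), test)}

if __name__ == "__main__":
    print(evaluate())
```

KNN here works on unscaled features, so the byte-length feature dominates the distance; on real flow data the features would normally be standardized before a distance-based classifier is fitted.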


Data Availability

The data are available upon reasonable request to the corresponding authors.


Funding

Not applicable.

Author information

Contributions

All the authors have discussed and constructed the ideas, and wrote the paper together.

Corresponding author

Correspondence to Jatinder Kumar.

Ethics declarations

Conflict of Interest

The authors have no conflict of interest regarding the publication.

Ethical Approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed Consent

Informed consent was obtained from all individual participants included in the study.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Tikekar, P.C., Sherekar, S.S. & Kumar, J. An Approach for Detection of Botnet Based on Machine Learning Classifier. SN COMPUT. SCI. 5, 300 (2024). https://doi.org/10.1007/s42979-024-02636-4


  • DOI: https://doi.org/10.1007/s42979-024-02636-4
