Hybrid Machine Learning Technique to Detect Active Botnet Attacks for Network Security and Privacy

Abstract

– A botnet is a malware application controlled from a distance by a programmer with the assistance of a botmaster. Botnets can launch enormous cyber-attacks like Denial-of-Service (DOS), phishing, spam, data stealing, and identity theft. The botnet can also affect the security and privacy of the systems. The conventional approach to detecting botnets is made by signature-based analysis, which cannot discover botnets that are not visible. The behavior-based analysis appears to be an appropriate solution to the current botnet characteristics that are constantly developing. This paper aims to develop an efficient botnet detection algorithm using machine learning with traffic reduction to increase accuracy. Based on behavioural analysis, a traffic reduction strategy is applied to reduce network traffic to improve overall system performance. Several network devices are typically used to retrieve network traffic information. With a detection accuracy of 98.4%, the known and unknown botnet activities are measured using the supplied datasets. The machine learning-based traffic reduction system has achieved a high rate of traffic reduction, about 82%, and false-positive rates range between 0% to 2%. Both findings demonstrate that the suggested technique is efficient and accurate.