Deep learning-based classification model for botnet attack detection

  • Original Research
Journal of Ambient Intelligence and Humanized Computing

Abstract

Botnets are vectors through which hackers can seize control of multiple systems and conduct malicious activities. Researchers have proposed multiple solutions to detect and identify botnets in real time. However, these proposed solutions have difficulty keeping pace with the rapid evolution of botnets. This paper proposes a model for detecting botnets using deep learning to identify zero-day botnet attacks in real time. The proposed model is trained and evaluated on the CTU-13 dataset with multiple neural network designs and hidden layers. Results demonstrate that the deep-learning artificial neural network model can accurately and efficiently identify botnets.

Acknowledgements

Funding support was provided by the fund of COMSTECH-TWAS, Joint Research Grants Program for Young Scientists in OIC countries No. 14-340 RG/ITC/AS_C.

Author information

Corresponding author

Correspondence to Abdulghani Ali Ahmed.

About this article

Cite this article

Ahmed, A.A., Jabbar, W.A., Sadiq, A.S. et al. Deep learning-based classification model for botnet attack detection. J Ambient Intell Human Comput 13, 3457–3466 (2022). https://doi.org/10.1007/s12652-020-01848-9

  • DOI: https://doi.org/10.1007/s12652-020-01848-9
