A P2P Botnet Detection Technique Using Machine Learning Classifiers

Authors

  • Yash Patwa  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India
  • Tulika Kotian  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India
  • Ralin Tuscano  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India
  • Ms. Alvina Alphonso  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India
  • Dr. Nazneen Ansari  Department of Computer Engineering, University of Mumbai, Mumbai, Maharashtra, India

Keywords:

botnet detection, decision tree algorithm, machine learning, network security, P2P botnets, ReactJS

Abstract

Today, botnets are one of many serious threats to network security. While client-server botnets employ a centralized communication architecture, Peer-to-Peer (P2P) botnets adopt a decentralized structure for exchanging commands and control data, which makes them more difficult to identify in a network. In this paper, the authors propose an effective system to detect P2P botnets by applying machine learning algorithms to network traffic parameters. Data from the CTU-13 dataset is the input to the system. The proposed system has 3 phases. In the first phase, feature reduction was performed on the network traffic to identify which features affected the classification considerably. In the second phase, the detection model was developed; in the last phase, it classified the traffic into botnet (malign) traffic and legitimate (benign) traffic. The system outputs the classification of the network traffic together with visualizations that give insight into the network activity. The five machine learning algorithms employed are Decision Tree, Support Vector Machine (SVM), K-Nearest Neighbour (KNN), Logistic Regression, and Naive Bayes. In a comparative analysis, the Decision Tree algorithm successfully detected P2P botnet traffic with an accuracy of 99.90%.

Published

2021-05-30

Section

Research Articles

How to Cite

Yash Patwa, Tulika Kotian, Ralin Tuscano, Ms. Alvina Alphonso, Dr. Nazneen Ansari, "A P2P Botnet Detection Technique Using Machine Learning Classifiers," International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN: 2395-1990, Online ISSN: 2394-4099, Volume 9, Issue 3, pp. 246-254, May-June 2021.