Part of the book series: Algorithms for Intelligent Systems (AIS)

Abstract

In recent years, security threats from the Internet have been spreading at a fast rate. These threats come from fraudulent emails, websites and malicious software that work independently. The threats fall into different categories (virus, malware, trojan, etc.). Every threat has a different technique for spreading malicious code, and different categories of detection are needed as well. At the center of many of these attacks are collections of compromised computers, or botnets, remotely controlled by the attackers, whose members are located in homes, schools, businesses and governments around the globe. Botnets are a serious present-day threat, attacking many organizations and carrying out cyber-crimes. Botnets work by a carry-and-spread method, transferring malicious code or software to different computers. Spam, denial-of-service attacks and click fraud are some of the methods through which botnets attack systems. Detection of botnets is a typical task that can be carried out efficiently using machine learning. This paper focuses on different machine learning algorithms and their analysis methods for botnet detection. Different machine learning algorithms are implemented and their ability to detect botnets is determined. All the algorithms are implemented on an existing dataset, so the results show the ability of each algorithm to detect botnets.

Author information

Corresponding author

Correspondence to Chirag Joshi.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Joshi, C., Bharti, V., Ranjan, R.K. (2021). Botnet Detection Using Machine Learning Algorithms. In: Dave, M., Garg, R., Dua, M., Hussien, J. (eds) Proceedings of the International Conference on Paradigms of Computing, Communication and Data Sciences. Algorithms for Intelligent Systems. Springer, Singapore. https://doi.org/10.1007/978-981-15-7533-4_56

  • DOI: https://doi.org/10.1007/978-981-15-7533-4_56

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-7532-7

  • Online ISBN: 978-981-15-7533-4

  • eBook Packages: Engineering, Engineering (R0)
