Journal of Network Security

Botnets are one of the threats in a network to hamper the quality of the network by disrupting theresources of the network. These Botnets can be controlled remotely by Botmaster. The Machine Learning Algorithms play a major role to detect and control the Botnets that cause to DDoS attacks, malwares and phishing attacks that are vulnerable to network resources. The DDoS attacks are most dangerous malware events that disrupt whole network. To solve DDoS attacks, various methods and algorithms are proposed. In this study, we proposed K-means Unsupervised Learning (USML) algorithm. In the proposed methodology, we conduct a practical approach, analyzing by ML algorithms i.e., K-means algorithms for the detecting Botnet DDoS attacks. For experimental analysis, we consider the UNBS-NB real-time datasets. In this approach, we compare K-means algorithms with Support Vector Machine (SVM), Artificial Neural network (ANN), Naive Bayes (NB) and Decision Tree (DT) for performance-based comparison. In results, we find that K-means (USML) is showing better performance than other machine learning algorithms.

Freiling FC, Holz T, Wicherski G. Botnet tracking: exploring a root-cause methodology to prevent distributed denial-of-service attacks. In: di Vimercati SdC, Syverson P, Gollmann D, editors. ESORICS 2005. Lecture Notes in Computer Science. Vol. 3679. Berlin, Heidelberg: Springer; 2005: 319–35. doi: 10.1007/11555827_19.

Alomari E, Manickam S, Gupta BB, Karuppayah S, Alfaris R. Botnet-based distributed denial of service (DDoS) attacks on web servers: classification and art. arXiv preprint arXiv:1208.0403. 2012 Aug 2.

Sikkanan S, Kasthuri M. Denial-of-service and botnet analysis, detection, and mitigation. In Research Anthology on Combating Denial-of-Service Attacks. IGI Global; 2021; 20–48.

Arora A, Yadav SK, Sharma K. Denial-of-service (dos) attack and botnet: Network analysis, research tactics, and mitigation. In Research Anthology on Combating Denial-of-Service Attacks. IGI Global; 2021; 49–73.

Tuan TA, Long HV, Son LH, Kumar R, Priyadarshini I, Son NT. Performance evaluation of Botnet DDoS attack detection using machine learning. Evol Intell. 2020 Jun; 13(2): 283–94.

Shinan K, Alsubhi K, Alzahrani A, Ashraf MU. Machine learning-based botnet detection in software-defined network: a systematic review. Symmetry. 2021 May 12; 13(5): 866.

Kirubavathi G, Anitha R. Structural analysis and detection of android botnets using machine learning techniques. Int J Inf Secur. 2018 Apr; 17(1): 153–67.

Pillutla H, Arjunan A. Fuzzy self organizing maps-based DDoS mitigation mechanism for software defined networking in cloud computing. J Ambient Intell Humaniz Comput. 2019 Apr 12; 10(4): 1547–59.

Homayoun S, Ahmadzadeh M, Hashemi S, Dehghantanha A, Khayami R. BoTShark: A deep learning approach for botnet traffic detection. In: Cyber Threat Intelligence. Cham: Springer; 2018; 137–53.

Injadat M, Moubayed A, Shami A. Detecting botnet attacks in IoT environments: An optimized machine learning approach. In 2020 IEEE 32nd International Conference on Microelectronics (ICM). 2020 Dec 14; 1–4.

Alani MM. BotStop: Packet-based efficient and explainable IoT botnet detection using machine learning. Comput Commun. 2022 Sep 1; 193: 53–62.

Taheri S, Mammadov M. Learning the naive Bayes classifier with optimization models. Int J Appl Math Comput Sci. 2013 Dec 1; 23(4): 787–795.

Rokach L. Data mining and knowledge discovery handbook. Springer Science+ Business Media, Incorporated; 2005.

Khanum M, Mahboob T, Imtiaz W, Ghafoor HA, Sehar R. A survey on unsupervised machine learning algorithms for automation, classification and maintenance. Int J Comput Appl. 2015 Jan 1; 119(13): 34–39.

Anagnostopoulos M, Kambourakis G, Gritzalis S. New facets of mobile botnet: architecture and evaluation. Int J Inf Secur. 2016 Oct; 15(5): 455–73.

Thota S, Menaka D. Importance of Machine Learning Algorithms to Detect Botnet DDoS Attacks. In 2022 IEEE International Conference on Augmented Intelligence and Sustainable Systems (ICAISS). 2022 Nov 24; 900–903.

Santos R, Souza D, Santo W, Ribeiro A, Moreno E. Machine learning algorithms to detect DDoS attacks in SDN. Concurr Comput: Pract Exp. 2020 Aug 25; 32(16): e5402.

de Miranda Rios V, Inácio PR, Magoni D, Freire MM. Detection of reduction-of-quality DDoS attacks using Fuzzy Logic and machine learning algorithms. Comput Netw. 2021 Feb 26; 186: 107792.