An explainable botnet detection model based on lightweight graph neural networks Online publication date: Mon, 03-Mar-2025
by Guofeng He; Jianghua Zhu; Yinong Shi; Ke Yan; Xu Zheng
International Journal of Computational Science and Engineering (IJCSE), Vol. 28, No. 2, 2025
Abstract: Botnets represent a significant threat to the security of the current internet network environment. They can be employed to carry out various malicious activities, not only impairing the performance and security of individual devices but also causing extensive damage to the entire network. Therefore, efficient detection of botnets is essential for network security. In recent years, the mainstream approach to botnet detection has involved the use of graph neural network (GNN) models, aiming to fully utilise the graph-structured properties of network data. However, current GNN methods frequently struggle with complicated structures and lack interpretability. To address these issues, we have designed a new model based on graph isomorphism networks (GINs). This model significantly simplifies the complexity without compromising detection accuracy and introduces explainable techniques for analysing model weights and conducting subgraph mining. By leveraging the concept of graph isomorphism, our method can more precisely characterise and identify botnet features. Experimental results demonstrate that our model excels in both accuracy and interpretability, making it highly valuable for real-world network environment applications.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Computational Science and Engineering (IJCSE):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook