Authors: Akram Farahmand-Nejad; Samira Noferesti
Addresses: Information Technology Department, Faculty of Electrical and Computer Engineering, University of Sistan and Baluchestan, Zahedan, Iran; Information Technology Department, Faculty of Electrical and Computer Engineering, University of Sistan and Baluchestan, Zahedan, Iran
Abstract: Botnets are one of the most widespread and serious cybersecurity threats and have infected millions of computers around the world over the past few years. Previous research has shown that machine learning methods can accurately detect botnet attacks. However, these methods often do not address the problem of real-time botnet detection, which is one of the main challenges in this area and is essential to prevent the damage caused by botnet attacks. This paper aims to present an efficient real-time model for botnet detection. In the proposed method, a subset of the features that are effective in detecting bot traffic is first selected using the world competitive contests algorithm. Then, based on the selected features, a support vector machine model is created offline to distinguish bot traffic from normal traffic in real time. The test results show that the proposed method can detect botnets with 95% accuracy and outperforms other methods.
Keywords: network security; botnets; real-time; machine learning; support vector machine; SVM; feature selection; world competitive contests algorithm; WCC; wrapper methods; botnet attacks.
International Journal of Security and Networks, 2020 Vol.15 No.1, pp.36-45
Received: 16 Mar 2019
Accepted: 18 Apr 2019
Published online: 03 Apr 2020