Abstract
Advances in information and communication technology have led to the sharing of large amounts of information, which is increasing day by day through online activities and creating new added value for internet services. At the same time, threats to the security of the cyber world have increased with the growing number of heterogeneous connection points that have powerful computational capacity. The internet is used to interact with and control the automated network devices connected to it. However, hackers/crackers can exploit this network environment by placing malicious dummy node(s) or machine(s), called botnet(s), to coordinate attacks on security such as Denial of Service (DoS) or Distributed Denial of Service (DDoS). The proposed method attempts to distinguish malicious botnet traffic from regular traffic using novel deep learning approaches such as Artificial Neural Networks (ANN), Gated Recurrent Units (GRU), and Long Short-Term Memory (LSTM) models. The proposed model demonstrates significant improvement over all previous works. The testing dataset, the Bot-IoT dataset, is the latest and one of the largest public-domain datasets and is used to justify the improvement. Testing shows 99.7% classification accuracy, which is precise and better than all previous works. Results analysis and comparison show the accuracy and superiority over the latest work done in this field.
Cite this article
Biswas, R., Roy, S. Botnet traffic identification using neural networks. Multimed Tools Appl 80, 24147–24171 (2021). https://doi.org/10.1007/s11042-021-10765-8
DOI: https://doi.org/10.1007/s11042-021-10765-8