BotCap: Machine Learning Approach for Botnet Detection Based on Statistical Features

In this paper, we describe a detailed approach to develop a botnet detection system using machine learning (ML) techniques. Detecting botnet member hosts, or identifying botnet traffic has been the main subject of many research efforts. This research aims to overcome two serious limitations of current...

Bibliographic details
Published in: International journal of communication networks and information security 2022-04, Vol.10 (3)
Main authors: Gadelrab, Mohammed S., ElSheikh, Muhammad, Ghoneim, Mahmoud A., Rashwan, Mohsen
Format: Article
Language: eng
Online access: Full text
container_end_page
container_issue 3
container_start_page
container_title International journal of communication networks and information security
container_volume 10
creator Gadelrab, Mohammed S.
ElSheikh, Muhammad
Ghoneim, Mahmoud A.
Rashwan, Mohsen
description In this paper, we describe a detailed approach to develop a botnet detection system using machine learning (ML) techniques. Detecting botnet member hosts, or identifying botnet traffic has been the main subject of many research efforts. This research aims to overcome two serious limitations of current botnet detection systems: First, the need for Deep Packet Inspection-DPI and the need to collect traffic from several infected hosts. To achieve that, we have analyzed several botware samples of known botnets. Based on this analysis, we have identified a set of statistical features that may help to distinguish between benign and botnet malicious traffic. Then, we have carried several machine learning experiments in order to test the suitability of ML techniques and also to pick a minimal subset of the identified features that provide best detection. We have implemented our approach in a tool called BotCap whose test results showed its proven ability to detect individually infected hosts in a local network.
doi_str_mv 10.17762/ijcnis.v10i3.3624
format Article
fulltext fulltext
identifier ISSN: 2076-0930
ispartof International journal of communication networks and information security, 2022-04, Vol.10 (3)
issn 2076-0930
2073-607X
language eng
recordid cdi_crossref_primary_10_17762_ijcnis_v10i3_3624
source EZB-FREE-00999 freely available EZB journals
title BotCap: Machine Learning Approach for Botnet Detection Based on Statistical Features
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T07%3A34%3A47IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=BotCap:%20Machine%20Learning%20Approach%20for%20Botnet%20Detection%20Based%20on%20Statistical%20Features&rft.jtitle=International%20journal%20of%20communication%20networks%20and%20information%20security&rft.au=Gadelrab,%20Mohammed%20S.&rft.date=2022-04-17&rft.volume=10&rft.issue=3&rft.issn=2076-0930&rft.eissn=2073-607X&rft_id=info:doi/10.17762/ijcnis.v10i3.3624&rft_dat=%3Ccrossref%3E10_17762_ijcnis_v10i3_3624%3C/crossref%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true