A Review of Machine Learning Botnet Detection Techniques based on Network Traffic Log

Ibrahim Z.-A.
Razali R.A.
Ismail S.A.
Azhar I.H.K.
Rahim F.A.
Azilan A.M.A.
Institute of Electrical and Electronics Engineers Inc.
Cyber-attacks are a common issue in the modern era because of the introduction of high-speed networks and the use of new technologies such as Internet of Things (IoT) devices, which fuel the rapid expansion of cyber-attacks. One common type of cyber-attack is the botnet attack. Hackers use botnet attacks to exploit newly discovered vulnerabilities in order to conduct intensive scraping, distributed denial of service (DDoS) attacks, and other large-scale cybercrime. With their adaptable and dynamic character, botnets work with a botmaster to plan their activities, modify their code, and update the bots regularly to avoid detection. Researchers use numerous techniques to detect botnets. However, botmasters have also improved at evading detection. Because botnet communication can leave traces that allow researchers to detect a botnet's existence, this paper reviews 15 related works on botnet detection that use machine learning to predict botnet communication with the command-and-control (C&C or C2) center based on the network traffic log. This paper summarizes the related works based on the dataset, environment, botnet type, features employed, and machine learning techniques. © 2022 IEEE.
Crime; Cybersecurity; Denial-of-service attack; High speed networks; Internet of things; Machine learning; Network security; Personal computing; Botmaster; Botnet detections; Botnets; Cyber-attacks; High-speed Networks; Introduction; Log.; Machine-learning; Network traffic; Related works; Botnet