Flow-based Detection of Botnets through Bio-inspired Optimisation of   Machine Learning

Biju Issac; Kyle Fryer; Seibu Mary Jacob

arXiv:2412.05688·cs.CR·December 17, 2024

Flow-based Detection of Botnets through Bio-inspired Optimisation of Machine Learning

Biju Issac, Kyle Fryer, Seibu Mary Jacob

PDF

Open Access

TL;DR

This paper presents a bio-inspired machine learning approach using genetic algorithms to optimize detection of botnet network activity based on flow behaviour, achieving high accuracy across multiple datasets.

Contribution

It introduces a novel bio-inspired hyperparameter tuning method for machine learning classifiers to improve botnet detection accuracy.

Findings

01

Random Forest with GA achieved 99.85% accuracy on datasets

02

Flow-based behavioural modelling is effective against evasion techniques

03

The developed software demonstrates practical application of the approach

Abstract

Botnets could autonomously infect, propagate, communicate and coordinate with other members in the botnet, enabling cybercriminals to exploit the cumulative computing and bandwidth of its bots to facilitate cybercrime. Traditional detection methods are becoming increasingly unsuitable against various network-based detection evasion methods. These techniques ultimately render signature-based fingerprinting detection infeasible and thus this research explores the application of network flow-based behavioural modelling to facilitate the binary classification of bot network activity, whereby the detection is independent of underlying communications architectures, ports, protocols and payload-based detection evasion mechanisms. A comparative evaluation of various machine learning classification methods is conducted, to precisely determine the average accuracy of each classifier on bot…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdvanced Malware Detection Techniques · Network Security and Intrusion Detection · Anomaly Detection Techniques and Applications

MethodsSparse Evolutionary Training · Genetic Algorithms