A Framework for Detecting Botnet Command and Control Communication over an Encrypted Channel

Ismail, Zahian; Jantan, Aman; Najwadi, Mohd.

doi:10.14569/ijacsa.2020.0110140

Cited by 2 publications

(4 citation statements)

References 17 publications

(26 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Experimental results shows that KNN classification algorithm yields more accurate results than any other classification algorithm, regardless of the FS techniques used. Ismail et al 32 have proposed a P2P botnet detection approach using various ML algorithms. They have also used feature extraction and FS.…”

Section: Fs In the Domain Of Botnet Detectionmentioning

confidence: 99%

Reviewing various feature selection techniques in machine learning‐based botnet detection

Baruah,

Borah,

Deka

2024

Concurrency and Computation

View full text Add to dashboard Cite

SummaryMachine learning approaches are widely used for the detection and classification of emerging botnet variations due to their ability to yield more precise results compared to traditional methods. The relevancy of the features plays a major role in these detection algorithms' effectiveness. As such, the most distinctive characteristics must be extracted from a high‐dimensional dataset that is used to classify botnets. Nevertheless, we discovered that the majority of earlier studies lacked proper analysis and paid little attention to the various feature selection techniques. The main goal of this work is to investigate and assess the advantages and disadvantages of the different feature selection techniques used for botnet detection. Studies show that feature selection is a very efficient way to decrease the amount of storage and processing power required while simultaneously increasing classification accuracy. As a consequence, its application in many other fields has grown. The field of feature selection is recognized for its non‐deterministic polynomial‐time hardness; to mitigate this hardness, metaheuristic techniques have been applied. Metaheuristic algorithms are exceptionally good at performing a global search. In order to choose feature subsets optimally in the field of botnet detection, we additionally prioritize the use of metaheuristic methods. This study offers a more thorough insight of the feature selection strategies that are primarily employed by machine learning‐based botnet detection models. It also offers insights into how better feature selection approaches might be applied to strengthen botnet detection mechanisms. Additionally, it will help in understanding the limitations of existing approaches and identifying areas for improvement.

show abstract

Section: Fs In the Domain Of Botnet Detectionmentioning

confidence: 99%

Reviewing various feature selection techniques in machine learning‐based botnet detection

Baruah,

Borah,

Deka

2024

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…Based on literature [14], there are three major methods of botnet detection such as host-based detection, honeynet detection and network-based detection. Recently, machine learning based detection has become the most widely used for detecting botnets methods as proven by previous literature [15], [16], [4], [5]. In addition, the number and complexity of IoT devices is also growing, it has become important to develop effective botnet detection methods.…”

Section: Related Workmentioning

confidence: 99%

“…Ismail et al [4] proposed a Botnet Analysis and Detection System (BADS) which could detect Botnet in encrypted channel and includes the autonomous feature. The BADS framework comprises of three main components which are Network Analysis System (NAS), IDS and Alarm System www.ijacsa.thesai.org (AS).…”

Section: A Botnet Detection Frameworkmentioning

confidence: 99%

See 1 more Smart Citation

Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework

Muhammad,

Ismail,

Hassan

2024

IJACSA

View full text Add to dashboard Cite

In the dynamic landscape of evolving cyber threats, Security Operations Centers (SOCs) play an important role in protecting digital assets. Among these threats, botnets are particularly challenging due to their ability to take over many devices and launch coordinated attacks. Through comparative analysis, the research gaps in existing frameworks have been identified. Based on these insights, a botnet detection and incident response framework aligned with SOC practices has been proposed. This proposed framework emphasizes proactive measures by integrating threat intelligence, detection and monitoring tools to detect botnet attack and facilitate rapid response. Future research will focus on conducting evaluation and validation studies to assess the effectiveness and performance of the framework in controlled environments. This effort will contribute to develop the framework and ensuring it aligns with practical cybersecurity needs.

show abstract

A Framework for Detecting Botnet Command and Control Communication over an Encrypted Channel

Cited by 2 publications

References 17 publications

Reviewing various feature selection techniques in machine learning‐based botnet detection

Reviewing various feature selection techniques in machine learning‐based botnet detection

Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework

Contact Info

Product

Resources

About