Benchmark-Based Reference Model for Evaluating Botnet Detection Tools Driven by Traffic-Flow Analytics

Ramos, Katherinne Shirley Huancayo; Monge, Marco Antonio Sotelo; Vidal, Jorge Maestre

doi:10.3390/s20164501

Cited by 28 publications

(11 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A comparison is given in Table 9. It should be noted that the result for DT is as achieved by the authors in [65], with a 99.99% accuracy rate for the Botnet attack. Moreover, the accuracy rate for KNN is 99.984% in [65], which is same as our result.…”

Section: Discussionsupporting

confidence: 57%

“…It should be noted that the result for DT is as achieved by the authors in [65], with a 99.99% accuracy rate for the Botnet attack. Moreover, the accuracy rate for KNN is 99.984% in [65], which is same as our result. The result achieved by the authors in [66] is similar to our case, which is about 99.99% for KNN and DT and almost same as our result, but our results are slightly better than [9] in the case of the LDA algorithm.…”

Section: Discussionsupporting

confidence: 57%

See 1 more Smart Citation

Machine-Learning-Enabled Intrusion Detection System for Cellular Connected UAV Networks

et al. 2021

View full text Add to dashboard Cite

The recent development and adoption of unmanned aerial vehicles (UAVs) is due to its wide variety of applications in public and private sector from parcel delivery to wildlife conservation. The integration of UAVs, 5G, and satellite technologies has prompted telecommunication networks to evolve to provide higher-quality and more stable service to remote areas. However, security concerns with UAVs are growing as UAV nodes are becoming attractive targets for cyberattacks due to enormously growing volumes and poor and weak inbuilt security. In this paper, we propose a UAV- and satellite-based 5G-network security model that can harness machine learning to effectively detect of vulnerabilities and cyberattacks. The solution is divided into two main parts: the model creation for intrusion detection using various machine learning (ML) algorithms and the implementation of ML-based model into terrestrial or satellite gateways. The system identifies various attack types using realistic CSE-CIC IDS-2018 network datasets published by Canadian Establishment for Cybersecurity (CIC). It consists of seven different types of new and contemporary attack types. This paper demonstrates that ML algorithms can be used to classify benign or malicious packets in UAV networks to enhance security. Finally, the tested ML algorithms are compared for effectiveness in terms of accuracy rate, precision, recall, F1-score, and false-negative rate. The decision tree algorithm performed well by obtaining a maximum accuracy rate of 99.99% and a minimum false negative rate of 0% in detecting various attacks as compared to all other types of ML classifiers.

show abstract

Section: Discussionsupporting

confidence: 57%

Section: Discussionsupporting

confidence: 57%

Machine-Learning-Enabled Intrusion Detection System for Cellular Connected UAV Networks

et al. 2021

View full text Add to dashboard Cite

show abstract

“…In contrast to [14,17], proposed approach has advantages on better multi-class classification accuracy on UNSW-NB15 dataset by incorporating with C4.5 DT algorithm to the model overfitting prevented from inputting additional variables to avoid learning the noise in the training data. Moreover, Table 14 indicates that the proposed approach achieved the binary accuracy close to those of [32] on CIC-IDS 2018. However, the multi-classification accuracy was 96.53% is slightly lower than that of [19].…”

Section: Case Ii: Over-sampling For Misclassification Classmentioning

confidence: 83%

Ensemble Learning for Threat Classification in Network Intrusion Detection on a Security Monitoring System for Renewable Energy

et al. 2021

View full text Add to dashboard Cite

Most approaches for detecting network attacks involve threat analyses to match the attack to potential malicious profiles using behavioral analysis techniques in conjunction with packet collection, filtering, and feature comparison. Experts in information security are often required to study these threats, and judging new types of threats accurately in real time is often impossible. Detecting legitimate or malicious connections using protocol analysis is difficult; therefore, machine learning-based function modules can be added to intrusion detection systems to assist experts in accurately judging threat categories by analyzing the threat and learning its characteristics. In this paper, an ensemble learning scheme based on a revised random forest algorithm is proposed for a security monitoring system in the domain of renewable energy to categorize network threats in a network intrusion detection system. To reduce classification error for minority classes of experimental data in model training, the synthetic minority oversampling technique scheme (SMOTE) was formulated to re-balance the original data sets by altering the number of data points for minority class to imbue the experimental data set. The classification performance of the proposed classifier in threat classification when the data set is unbalanced was experimentally verified in terms of accuracy, precision, recall, and F1-score on the UNSW-NB15 and CSE-CIC-IDS 2018 data sets. A cross-validation scheme featuring support vector machines was used to compare classification accuracies.

show abstract

“…A novel scheme using supervised learning algorithms and an improved dataset to detect botnet traffic was carried out by Ramos et al [71]. Five ML classifiers were evaluated namely, DT, RF, SVM, NB, and KNN on two datasets: CICIDS2018 and ISOT HTTP [72] Botnet (total size 420 GB).…”

Section: Malware Botnet Attacksmentioning

confidence: 99%

Intelligent Techniques for Detecting Network Attacks: Review and Research Directions

Aljabri

Aljameel

Mohammad

et al. 2021

Sensors

View full text Add to dashboard Cite

The significant growth in the use of the Internet and the rapid development of network technologies are associated with an increased risk of network attacks. Network attacks refer to all types of unauthorized access to a network including any attempts to damage and disrupt the network, often leading to serious consequences. Network attack detection is an active area of research in the community of cybersecurity. In the literature, there are various descriptions of network attack detection systems involving various intelligent-based techniques including machine learning (ML) and deep learning (DL) models. However, although such techniques have proved useful within specific domains, no technique has proved useful in mitigating all kinds of network attacks. This is because some intelligent-based approaches lack essential capabilities that render them reliable systems that are able to confront different types of network attacks. This was the main motivation behind this research, which evaluates contemporary intelligent-based research directions to address the gap that still exists in the field. The main components of any intelligent-based system are the training datasets, the algorithms, and the evaluation metrics; these were the main benchmark criteria used to assess the intelligent-based systems included in this research article. This research provides a rich source of references for scholars seeking to determine their scope of research in this field. Furthermore, although the paper does present a set of suggestions about future inductive directions, it leaves the reader free to derive additional insights about how to develop intelligent-based systems to counter current and future network attacks.

show abstract

Benchmark-Based Reference Model for Evaluating Botnet Detection Tools Driven by Traffic-Flow Analytics

Cited by 28 publications

References 34 publications

Machine-Learning-Enabled Intrusion Detection System for Cellular Connected UAV Networks

Machine-Learning-Enabled Intrusion Detection System for Cellular Connected UAV Networks

Ensemble Learning for Threat Classification in Network Intrusion Detection on a Security Monitoring System for Renewable Energy

Intelligent Techniques for Detecting Network Attacks: Review and Research Directions

Contact Info

Product

Resources

About