Title: A Review of Machine Learning Botnet Detection Techniques based on Network Traffic Log
Authors: Z. Ibrahim, R. Razali, Saiful Adli Ismail, Iman Hakimi Khairil Azhar, Fiza Abdul Rahim, Ahmad Muzafaraidil Ahmad Azilan
DOI: 10.1109/ICOCO56118.2022.10031803 (https://doi.org/10.1109/ICOCO56118.2022.10031803)
Published in: 2022 IEEE International Conference on Computing (ICOCO), 2022-11-14
Citation count: 1
Abstract
Cyber-attacks are a common issue in the modern era because of the introduction of high-speed networks and the use of new technologies such as Internet of Things (IoT) devices, which fuel the rapid expansion of cyber-attacks. One of the common cyber-attacks is the botnet attack. Hackers use botnets to exploit newly discovered vulnerabilities in order to conduct intensive scraping, distributed denial of service (DDoS) attacks, and other large-scale cybercrime. With their adaptable and dynamic character, botnets work with a botmaster to plan their activities, modify their code, and update the bots regularly to avoid detection. Researchers use numerous techniques to detect botnets. However, botmasters nowadays have improved their methods for evading security detection. As the communication can leave traces that allow researchers to detect a botnet's existence, this paper reviews 15 related works on botnet detection that utilize machine learning to predict botnet communication with the command-and-control (C&C or C2) center based on network traffic logs. This paper summarizes the related works based on the dataset, environment, botnet type, features employed, and machine learning techniques.