Performance Evaluation of Botnet Detection using Deep Learning Techniques
Title | Performance Evaluation of Botnet Detection using Deep Learning Techniques |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Nugraha, B., Nambiar, A., Bauschert, T. |
Conference Name | 2020 11th International Conference on Network of the Future (NoF) |
Date Published | Oct. 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-8055-7 |
Keywords | basic network security goals, Botnet, botnet traffic detection, botnet traffic patterns, botnets, composability, computer network security, convolutional neural network, CTU-13 botnet traffic dataset, CTU-13 Dataset, Data models, Deep Learning, deep learning-based approaches, defense, different deep learning models, hybrid CNN-LSTM, Internet, invasive software, known botnet traffic, learning (artificial intelligence), Long short-term memory, malicious activities, Metrics, Multilayer Perception, multilayer perceptrons, neural nets, Neural Network, performance evaluation, Performance Metrics, pubcrawl, reliability, reliable botnet detection, resilience, Resiliency, security, Sensitivity, Traffic Control, unknown botnet traffic, Zero day attacks, zero-day attack |
Abstract | Botnets are one of the major threats on the Internet. They are used for malicious activities to compromise the basic network security goals, namely Confidentiality, Integrity, and Availability. For reliable botnet detection and defense, deep learning-based approaches were recently proposed. In this paper, four different deep learning models, namely Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), hybrid CNN-LSTM, and Multi-layer Perception (MLP) are applied for botnet detection and simulation studies are carried out using the CTU-13 botnet traffic dataset. We use several performance metrics such as accuracy, sensitivity, specificity, precision, and F1 score to evaluate the performance of each model on classifying both known and unknown (zero-day) botnet traffic patterns. The results show that our deep learning models can accurately and reliably detect both known and unknown botnet traffic, and show better performance than other deep learning models. |
URL | https://ieeexplore.ieee.org/document/9249198 |
DOI | 10.1109/NoF50125.2020.9249198 |
Citation Key | nugraha_performance_2020 |