Hybrid Approach for Botnet Detection Using K-Means and K-Medoids with Hopfield Neural Network

In the last few years, a number of attacks and malicious activities have been attributed to common channels between users. A botnet is considered an important carrier of malicious and undesirable activity. In this paper, we propose a support vector machine to classify botnet activities according to k-means, k-medoids, and neural network clusters. The proposed approach is based on the features of Transmission Control Protocol (TCP) packets. System performance and accuracy are evaluated using a predefined data set. Results show that the proposed approach detects botnet activities with high accuracy and performance in a short execution time. The proposed system provides a 95.7% accuracy rate with a false positive rate less than or equal to 3%.
