Botnet detection using negative selection algorithm, convolution neural network and classification methods
Authors and affiliations
Department of Computer Science, Faculty of Mathematics and Computer, Shahid Bahonar University of Kerman, Kerman, Iran
Soodeh Hosseini
Faculty of Computer Engineering, Bahonar University of Kerman, Kerman, Iran
Ali Emamali Nezhad and Hossein Seilani
About this article
Cite this article
Hosseini, S., Nezhad, A.E. & Seilani, H. Botnet detection using negative selection algorithm, convolution neural network and classification methods. Evolving Systems 13, 101–115 (2022). https://doi.org/10.1007/s12530-020-09362-1
DOI: https://doi.org/10.1007/s12530-020-09362-1
Abstract
A botnet is a network and Internet threat. To stop botnets quickly, they must be analyzed and monitored. Most proposed approaches detect bots by processing and preprocessing large volumes of input information from network packets, structures and so on. The recent growth of Internet and network environments has led to a significant increase in botnet attacks. Accordingly, traditional approaches are not suitable for botnet detection. This paper presents a new approach to detecting botnets in networks. The proposed detection model is used to compare four attacks used by botnets: IRC, HTTP, DNS and P2P. In addition, the model evaluates the accuracy of botnet detection. We use neural networks and correlation, together with the negative selection algorithm (NSA), which is based on the artificial immune system, to identify botnets, and we compare our results with the random forest, K-nearest neighbor, SVM, Gaussian Bayes, CNN and LSTM algorithms. Our method (CNN-LSTM) offers a shorter training time and higher accuracy. In this experiment we use the ISOT and ISCX botnet datasets, which are labeled traffic data. In addition, we examine the different types of botnet attacks and present a final evaluation.