A Comprehensive Analysis of Botnet Detection and Distributed Denial of Service Attacks: The Function of Deep Learning and Machine Learning Methods
Keywords:
Machine Learning, Deep Learning, Detection, Botnet, Distributed Denial-of-Service
Abstract
Botnets and Distributed Denial of Service (DDoS) attacks are the two greatest security threats in cyberspace. A botnet is simply a collection of compromised computer systems that malicious intruders have captured and use for various heinous acts. This paper discusses how the IoT has become both an important tool and a threat vector in botnet attacks. Machine learning models are used to assess these threats so that there is an opportunity to prevent them. The artificial intelligence techniques used to identify botnet activity on IoT devices include Bayesian, KNN, SVM, and Decision Tree. There has also been interest in graph-based machine learning models for botnet identification, since they can mimic host communication and are hard to attack at zero day. The paper also looks at the application of deep learning techniques, especially the Recurrent Neural Network (RNN) coupled with BiLSTM. Identifying botnets and employing a permissioned Byzantine Fault-Tolerant (BFT) blockchain for dynamic modelling of IoT communities is also suggested. Research areas in cybersecurity include detection methods for DDoS attacks and botnets, graph features, and methods of creating general models that detect botnets based on important characteristics. DDoS and botnet detection via machine learning and deep learning have thus laid firm ground for future work. This work presents these concepts as the field's first application of advanced computational methods to complex network security problems, showing the need for further innovation in the face of ever-increasing threats.