Abstract

Botnets are networks formed from a number of machines infected by malware called bots. Detection of these malicious networks is becoming a major concern as they pose a serious threat to network security. Most research on bot detection relies on particular botnet characteristics and therefore fails to detect other types of botnets and bots. Furthermore, very few bot detection methods have considered real-life class-imbalanced datasets. A dataset is class-imbalanced if there are significantly more instances in one class than in the other classes. In this paper, we develop three generic features to detect different types of bots regardless of their botnet characteristics. We develop five classification models based on those features to classify bots from a large, real-life, class-imbalanced network dataset. Results show that our methodology can detect bots more accurately than the existing methods. Experimental results also demonstrate that the developed methodology can successfully detect bots when the proportion of bots to normal activity is very small. We also provide a performance comparison of our methodology with a recent study on bot detection in a real-life, large, imbalanced dataset.
