
A P2P Botnet detection scheme based on decision tree and adaptive multilayer neural networks

In recent years, Botnets have been adopted as a popular method to carry and spread many malicious codes on the Internet. These malicious codes pave the way to execute many fraudulent activities including spam mail, distributed denial-of-service attacks and click fraud. While many Botnets are set up...


Bibliographic Details
Main Authors: Alauthaman, Mohammad, Aslam, Nauman, Zhang, Li, Alasem, Rafe, Hossain, M. A.
Format: Online Article Text
Language: English
Published: Springer London 2016
Subjects:
Online Access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5940715/
https://www.ncbi.nlm.nih.gov/pubmed/29769759
http://dx.doi.org/10.1007/s00521-016-2564-5
_version_ 1783321138965774336
author Alauthaman, Mohammad
Aslam, Nauman
Zhang, Li
Alasem, Rafe
Hossain, M. A.
collection PubMed
description In recent years, Botnets have been adopted as a popular method to carry and spread many malicious codes on the Internet. These malicious codes pave the way to execute many fraudulent activities including spam mail, distributed denial-of-service attacks and click fraud. While many Botnets are set up using centralized communication architecture, the peer-to-peer (P2P) Botnets can adopt a decentralized architecture using an overlay network for exchanging command and control data making their detection even more difficult. This work presents a method of P2P Bot detection based on an adaptive multilayer feed-forward neural network in cooperation with decision trees. A classification and regression tree is applied as a feature selection technique to select relevant features. With these features, a multilayer feed-forward neural network training model is created using a resilient back-propagation learning algorithm. A comparison of feature set selection based on the decision tree, principal component analysis and the ReliefF algorithm indicated that the neural network model with features selection based on decision tree has a better identification accuracy along with lower rates of false positives. The usefulness of the proposed approach is demonstrated by conducting experiments on real network traffic datasets. In these experiments, an average detection rate of 99.08 % with false positive rate of 0.75 % was observed.
format Online
Article
Text
id pubmed-5940715
institution National Center for Biotechnology Information
language English
publishDate 2016
publisher Springer London
record_format MEDLINE/PubMed
spelling pubmed-5940715 2018-05-14 A P2P Botnet detection scheme based on decision tree and adaptive multilayer neural networks Alauthaman, Mohammad Aslam, Nauman Zhang, Li Alasem, Rafe Hossain, M. A. Neural Comput Appl Original Article Springer London 2016-10-03 2018 /pmc/articles/PMC5940715/ /pubmed/29769759 http://dx.doi.org/10.1007/s00521-016-2564-5 Text en © The Author(s) 2016 Open Access. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.
topic Original Article