Open Access iconOpen Access

ARTICLE

Automatic Botnet Attack Identification Based on Machine Learning

by Peng Hui Li1, Jie Xu1,*, Zhong Yi Xu1, Su Chen1, Bo Wei Niu2, Jie Yin1, Xiao Feng Sun1, Hao Liang Lan1, Lu Lu Chen3

1 Jiangsu Police Institute, Nanjing, 210000, China
2 Public Security Department of Jiangsu Province, Nanjing, 210000, China
3 The University of Adelaide, Adelaide, 5005, SA, Australia

* Corresponding Author: Jie Xu. Email: email

Computers, Materials & Continua 2022, 73(2), 3847-3860. https://doi.org/10.32604/cmc.2022.029969

Abstract

At present, the severe network security situation has put forward high requirements for network security defense technology. In order to automate botnet threat warning, this paper researches the types and characteristics of Botnet. Botnet has special characteristics in attributes such as packets, attack time interval, and packet size. In this paper, the attack data is annotated by means of string recognition and expert screening. The attack features are extracted from the labeled attack data, and then use K-means for cluster analysis. The clustering results show that the same attack data has its unique characteristics, and the automatic identification of network attacks is realized based on these characteristics. At the same time, based on the collection and attribute extraction of Botnet attack data, this paper uses RF, GBM, XGBOOST and other machine learning models to test the warning results, and automatically analyzes the attack by importing attack data. In the early warning analysis results, the accuracy rates of different models are obtained. Through the descriptive values of the three accuracy rates of Accuracy, Precision, and F1_Score, the early warning effect of each model can be comprehensively displayed. Among the five algorithms used in this paper, three have an accuracy rate of over 90%. The three models with the highest accuracy are used in the early warning model. The research shows that cyberattacks can be accurately predicted. When this technology is applied to the protection system, accurate early warning can be given before a network attack is launched.

Keywords


Cite This Article

APA Style
Li, P.H., Xu, J., Xu, Z.Y., Chen, S., Niu, B.W. et al. (2022). Automatic botnet attack identification based on machine learning. Computers, Materials & Continua, 73(2), 3847-3860. https://doi.org/10.32604/cmc.2022.029969
Vancouver Style
Li PH, Xu J, Xu ZY, Chen S, Niu BW, Yin J, et al. Automatic botnet attack identification based on machine learning. Comput Mater Contin. 2022;73(2):3847-3860 https://doi.org/10.32604/cmc.2022.029969
IEEE Style
P. H. Li et al., “Automatic Botnet Attack Identification Based on Machine Learning,” Comput. Mater. Contin., vol. 73, no. 2, pp. 3847-3860, 2022. https://doi.org/10.32604/cmc.2022.029969



cc Copyright © 2022 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 123336

    View

  • 8425

    Download

  • 9

    Like

Share Link