TY - JOUR
T1 - An efficient reinforcement learning-based Botnet detection approach
AU - Alauthman, Mohammad
AU - Aslam, Nauman
AU - Alkasassbeh, Mouhammd
AU - Khan, Suleman
AU - AL-qerem, Ahmad
AU - Raymond Choo, Kim-Kwang
PY - 2020/1/15
Y1 - 2020/1/15
N2 - Bot malware and botnets are used as a tool to facilitate other malicious cyber activities (e.g. distributed denial of service attacks, dissemination of malware and spam, and click fraud). However, detection of botnets, particularly peer-to-peer (P2P) botnets, is challenging. Hence, in this paper we propose a sophisticated traffic reduction mechanism, integrated with a reinforcement learning technique. We then evaluate the proposed approach using real-world network traffic, and achieve a detection rate of 98.3%. The approach also achieves a relatively low false positive rate (i.e. 0.012%).
AB - Bot malware and botnets are used as a tool to facilitate other malicious cyber activities (e.g. distributed denial of service attacks, dissemination of malware and spam, and click fraud). However, detection of botnets, particularly peer-to-peer (P2P) botnets, is challenging. Hence, in this paper we propose a sophisticated traffic reduction mechanism, integrated with a reinforcement learning technique. We then evaluate the proposed approach using real-world network traffic, and achieve a detection rate of 98.3%. The approach also achieves a relatively low false positive rate (i.e. 0.012%).
KW - Botnet detection
KW - Network security
KW - Traffic reduction
KW - Neural network
KW - C2C
KW - Reinforcement-learning
U2 - 10.1016/j.jnca.2019.102479
DO - 10.1016/j.jnca.2019.102479
M3 - Article
VL - 150
JO - Journal of Network and Computer Applications
JF - Journal of Network and Computer Applications
SN - 1084-8045
M1 - 102479
ER -