A New Flow-Based Approach for Enhancing Botnet Detection Efficiency Using Convolutional Neural Networks and Long Short-Term Memory

Despite the growing research and development of botnet detection tools, an ever-increasing spread of botnets and their victims is being witnessed. Due to the frequent adaptation of botnets to evolving responses offered by host-based and network-based detection mechanisms...

Bibliographic Details
Main Author: Mehdi Asadi (12566741) (author)
Other Authors: Arash Heidari (6845390) (author), Nima Jafari Navimipour (22467562) (author)
Published: 2025
dc.creator.none.fl_str_mv Mehdi Asadi (12566741)
Arash Heidari (6845390)
Nima Jafari Navimipour (22467562)
dc.date.none.fl_str_mv 2025-04-16T09:00:00Z
dc.identifier.none.fl_str_mv 10.1007/s10115-025-02410-9
dc.relation.none.fl_str_mv https://figshare.com/articles/journal_contribution/A_New_Flow-Based_Approach_for_Enhancing_Botnet_Detection_Efficiency_Using_Convolutional_Neural_Networks_and_Long_Short-Term_Memory/30406336
dc.rights.none.fl_str_mv CC BY 4.0
info:eu-repo/semantics/openAccess
dc.subject.none.fl_str_mv Information and computing sciences
Artificial intelligence
Cybersecurity and privacy
Data management and data science
Machine learning
Botnet detection
Deep learning
Long short-term memory
Convolutional neural network
Adversarial attacks
dc.title.none.fl_str_mv A New Flow-Based Approach for Enhancing Botnet Detection Efficiency Using Convolutional Neural Networks and Long Short-Term Memory
dc.type.none.fl_str_mv Text
Journal contribution
info:eu-repo/semantics/publishedVersion
text
contribution to journal
description Despite the growing research and development of botnet detection tools, an ever-increasing spread of botnets and their victims is being witnessed. Due to the frequent adaptation of botnets to evolving responses offered by host-based and network-based detection mechanisms, traditional methods are found to lack adequate defense against botnet threats. In this regard, the suggestion is made to employ flow-based detection methods and conduct behavioral analysis of network traffic. To enhance the performance of these approaches, this paper proposes utilizing a hybrid deep learning method that combines convolutional neural network (CNN) and long short-term memory (LSTM) methods. CNN efficiently extracts spatial features from network traffic, such as patterns in flow characteristics, while LSTM captures temporal dependencies critical to detecting sequential patterns in botnet behaviors. Experimental results reveal the effectiveness of the proposed CNN-LSTM method in classifying botnet traffic. In comparison with the results obtained by the leading method on the identical dataset, the proposed approach showcased noteworthy enhancements, including a 0.61% increase in precision, a 0.03% augmentation in accuracy, a 0.42% enhancement in the recall, a 0.51% improvement in the F1-score, and a 0.10% reduction in the false-positive rate. Moreover, the utilization of the CNN-LSTM framework exhibited robust overall performance and notable expeditiousness in the realm of botnet traffic identification. Additionally, we conducted an evaluation concerning the impact of three widely recognized adversarial attacks on the Information Security Centre of Excellence dataset and the Information Security and Object Technology dataset. The findings underscored the proposed method’s propensity for delivering a promising performance in the face of these adversarial challenges.

Other Information
Published in: Knowledge and Information Systems
License: https://creativecommons.org/licenses/by/4.0
See article on publisher's website: https://dx.doi.org/10.1007/s10115-025-02410-9
eu_rights_str_mv openAccess
id Manara2_7549a384344e42d58fd389c2ef5f29a7
identifier_str_mv 10.1007/s10115-025-02410-9
network_acronym_str Manara2
network_name_str Manara2
oai_identifier_str oai:figshare.com:article/30406336
publishDate 2025
rights_invalid_str_mv CC BY 4.0
status_str publishedVersion