Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection
Botnet attacks can overwhelm networks and severely affect the availability of services. Anomaly based detection techniques using machine learning are effective against zero-day attacks. However, they require complex data preprocessing and feature extraction which can affect the early detection of bo...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | , |
| منشور في: |
2025
|
| الوصول للمادة أونلاين: | https://bspace.buid.ac.ae/handle/1234/3146 |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| _version_ | 1862980618504110080 |
|---|---|
| author | Rajesh Thomas |
| author2 | Suleiman Yerima Khaled Shaalan |
| author2_role | author author |
| author_facet | Rajesh Thomas Suleiman Yerima Khaled Shaalan |
| author_role | author |
| dc.creator.none.fl_str_mv | Rajesh Thomas Suleiman Yerima Khaled Shaalan |
| dc.date.none.fl_str_mv | 2025-05-31T10:28:43Z 2025-05-31T10:28:43Z 2025 |
| dc.identifier.none.fl_str_mv | Thomas, R., Yerima, S., Shaalan, K. (2025). Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection. In: Al Marri, K., Mir, F.A., Awad, A., Abubakar, A. (eds) BUiD Doctoral Research Conference 2024. BDRC 2024. Lecture Notes in Civil Engineering, vol 587. Springer, Cham. https://doi.org/10.1007/978-3-031-84371-6_24 HB: 9783031843709 eBook: 9783031843716 https://bspace.buid.ac.ae/handle/1234/3146 |
| dc.language.none.fl_str_mv | en |
| dc.publisher.none.fl_str_mv | Springer Cham |
| dc.relation.none.fl_str_mv | Lecture Notes in Civil Engineering ; 587 |
| dc.title.none.fl_str_mv | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| dc.type.none.fl_str_mv | Book chapter |
| description | Botnet attacks can overwhelm networks and severely affect the availability of services. Anomaly based detection techniques using machine learning are effective against zero-day attacks. However, they require complex data preprocessing and feature extraction which can affect the early detection of botnet attacks. In this paper we propose a novel approach, for early detection of botnet attacks using machine learning models that learn from byte representation of raw network traffic flows. The study departs from the traditional approach of network-based intrusion detection which relies on flow statistics and other hand-crafted features. We discuss our framework which includes light weight network traffic pre-processing, transformation, and model training. We used the CTU-13 dataset to evaluate the proposed byte-based botnet detection system. Our results show that byte-based representation can provide an effective and ultra lightweight means of developing network intrusion detection systems that can match the performance of traditional approaches, while also enabling early detection of botnet attacks. In our experiments we achieved accuracy of 99.9% consistently across different byte stream sizes for the Decision Tree and Logistic Regression classifiers. |
| id | budr_d82663230dd7a5c9ea035059a189fa88 |
| identifier_str_mv | Thomas, R., Yerima, S., Shaalan, K. (2025). Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection. In: Al Marri, K., Mir, F.A., Awad, A., Abubakar, A. (eds) BUiD Doctoral Research Conference 2024. BDRC 2024. Lecture Notes in Civil Engineering, vol 587. Springer, Cham. https://doi.org/10.1007/978-3-031-84371-6_24 HB: 9783031843709 eBook: 9783031843716 |
| language_invalid_str_mv | en |
| network_acronym_str | budr |
| network_name_str | The British University in Dubai repository |
| oai_identifier_str | oai:bspace.buid.ac.ae:1234/3146 |
| publishDate | 2025 |
| publisher.none.fl_str_mv | Springer Cham |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack DetectionRajesh ThomasSuleiman YerimaKhaled ShaalanBotnet attacks can overwhelm networks and severely affect the availability of services. Anomaly based detection techniques using machine learning are effective against zero-day attacks. However, they require complex data preprocessing and feature extraction which can affect the early detection of botnet attacks. In this paper we propose a novel approach, for early detection of botnet attacks using machine learning models that learn from byte representation of raw network traffic flows. The study departs from the traditional approach of network-based intrusion detection which relies on flow statistics and other hand-crafted features. We discuss our framework which includes light weight network traffic pre-processing, transformation, and model training. We used the CTU-13 dataset to evaluate the proposed byte-based botnet detection system. Our results show that byte-based representation can provide an effective and ultra lightweight means of developing network intrusion detection systems that can match the performance of traditional approaches, while also enabling early detection of botnet attacks. In our experiments we achieved accuracy of 99.9% consistently across different byte stream sizes for the Decision Tree and Logistic Regression classifiers.Springer Cham2025-05-31T10:28:43Z2025-05-31T10:28:43Z2025Book chapterThomas, R., Yerima, S., Shaalan, K. (2025). Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection. In: Al Marri, K., Mir, F.A., Awad, A., Abubakar, A. (eds) BUiD Doctoral Research Conference 2024. BDRC 2024. Lecture Notes in Civil Engineering, vol 587. Springer, Cham. https://doi.org/10.1007/978-3-031-84371-6_24HB: 9783031843709 eBook: 9783031843716https://bspace.buid.ac.ae/handle/1234/3146enLecture Notes in Civil Engineering ; 587oai:bspace.buid.ac.ae:1234/31462025-05-31T10:28:45Z |
| spellingShingle | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection Rajesh Thomas |
| title | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| title_full | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| title_fullStr | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| title_full_unstemmed | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| title_short | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| title_sort | Leveraging Network Traffic Byte-Streams for Machine Learning Based Early Botnet Attack Detection |
| url | https://bspace.buid.ac.ae/handle/1234/3146 |