Botnet Detection Using Recurrent Variational Autoencoder
- URL: http://arxiv.org/abs/2004.00234v1
- Date: Wed, 1 Apr 2020 05:03:34 GMT
- Title: Botnet Detection Using Recurrent Variational Autoencoder
- Authors: Jeeyung Kim, Alex Sim, Jinoh Kim, Kesheng Wu
- Abstract summary: Botnets are increasingly used by malicious actors, creating an increasing threat to a large number of internet users.
We propose a novel machine learning based method, named Recurrent Variational Autoencoder (RVAE), for detecting botnets.
Tests show RVAE is able to detect botnets with the same accuracy as the best known results published in literature.
- Score: 4.486436314247216
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Botnets are increasingly used by malicious actors, creating an increasing threat
to a large number of internet users. To address this growing danger, we propose
to study methods to detect botnets, especially those that are hard to capture
with the commonly used methods, such as the signature based ones and the
existing anomaly-based ones. More specifically, we propose a novel machine
learning based method, named Recurrent Variational Autoencoder (RVAE), for
detecting botnets through sequential characteristics of network traffic flow
data including attacks by botnets. We validate robustness of our method with
the CTU-13 dataset, where we have chosen the testing dataset to have different
types of botnets than those of the training dataset. Tests show that RVAE is able
to detect botnets with the same accuracy as the best known results published in
literature. In addition, we propose an approach to assign an anomaly score based
on probability distributions, which allows us to detect botnets in streaming
mode as the new networking statistics become available. This on-line detection
capability would enable real-time detection of unknown botnets.
Related papers
- My Brother Helps Me: Node Injection Based Adversarial Attack on Social Bot Detection [69.99192868521564]
Social platforms such as Twitter are under siege from a multitude of fraudulent users.
Due to the structure of social networks, the majority of methods are based on the graph neural network (GNN), which is susceptible to attacks.
We propose a node injection-based adversarial attack method designed to deceive bot detection models.
arXiv Detail & Related papers (2023-10-11T03:09:48Z)
- Adversarial Explainability: Utilizing Explainable Machine Learning in Bypassing IoT Botnet Detection Systems [0.0]
Botnet detection based on machine learning has witnessed significant leaps in recent years.
Adversarial attacks on machine learning-based cybersecurity systems are posing a significant threat to these solutions.
In this paper, we introduce a novel attack that utilizes a machine learning model's explainability in evading detection by botnet detection systems.
arXiv Detail & Related papers (2023-09-29T18:20:05Z)
- A Robust and Explainable Data-Driven Anomaly Detection Approach For Power Electronics [56.86150790999639]
We present two anomaly detection and classification approaches, namely the Matrix Profile algorithm and anomaly transformer.
The Matrix Profile algorithm is shown to be well suited as a generalizable approach for detecting real-time anomalies in streaming time-series data.
A series of custom filters is created and added to the detector to tune its sensitivity, recall, and detection accuracy.
arXiv Detail & Related papers (2022-09-23T06:09:35Z)
- DAE : Discriminatory Auto-Encoder for multivariate time-series anomaly detection in air transportation [68.8204255655161]
We propose a novel anomaly detection model called Discriminatory Auto-Encoder (DAE).
It uses the baseline of a regular LSTM-based auto-encoder but with several decoders, each getting data of a specific flight phase.
Results show that the DAE achieves better results in both accuracy and speed of detection.
arXiv Detail & Related papers (2021-09-08T14:07:55Z)
- Improving Botnet Detection with Recurrent Neural Network and Transfer Learning [5.602292536933117]
Botnet detection is a critical step in stopping the spread of botnets and preventing malicious activities.
Recent approaches employing machine learning (ML) showed improved performance over earlier ones.
We propose a novel botnet detection method, built upon Recurrent Variational Autoencoder (RVAE).
arXiv Detail & Related papers (2021-04-26T14:05:01Z)
- Optimized Random Forest Model for Botnet Detection Based on DNS Queries [8.641714871787595]
Domain Name System (DNS) protocol has several security vulnerabilities.
One promising solution to detect DNS-based botnet attacks is adopting machine learning (ML) based solutions.
This paper proposes a novel optimized ML-based framework to detect botnets based on their corresponding DNS queries.
arXiv Detail & Related papers (2020-12-16T16:34:11Z)
- Mobile Botnet Detection: A Deep Learning Approach Using Convolutional Neural Networks [0.0]
We present a deep learning approach for Android botnet detection based on Convolutional Neural Networks (CNN).
Our proposed botnet detection system is implemented as a CNN-based model that is trained on 342 static app features to distinguish between botnet apps and normal apps.
The trained botnet detection model was evaluated on a set of 6,802 real applications containing 1,929 botnets from the publicly available ISCX botnet dataset.
arXiv Detail & Related papers (2020-07-01T06:19:12Z)
- Detection of Novel Social Bots by Ensembles of Specialized Classifiers [60.63582690037839]
Malicious actors create inauthentic social media accounts controlled in part by algorithms, known as social bots, to disseminate misinformation and agitate online discussion.
We show that different types of bots are characterized by different behavioral features.
We propose a new supervised learning method that trains classifiers specialized for each class of bots and combines their decisions through the maximum rule.
arXiv Detail & Related papers (2020-06-11T22:59:59Z)
- BeCAPTCHA-Mouse: Synthetic Mouse Trajectories and Improved Bot Detection [78.11535724645702]
We present BeCAPTCHA-Mouse, a bot detector based on a neuromotor model of mouse dynamics.
BeCAPTCHA-Mouse is able to detect bot trajectories of high realism with 93% accuracy on average using only one mouse trajectory.
arXiv Detail & Related papers (2020-05-02T17:40:49Z)
- Automating Botnet Detection with Graph Neural Networks [106.24877728212546]
Botnets are now a major source for many network attacks, such as DDoS attacks and spam.
In this paper, we consider the neural network design challenges of using modern deep learning techniques to learn policies for botnet detection automatically.
arXiv Detail & Related papers (2020-03-13T15:34:33Z)
This list is automatically generated from the titles and abstracts of the papers in this site.