Next Article in Journal
Studying Semi-TCP and Its Application in Marine Internet
Previous Article in Journal
Test Bed of Semantic Interaction of Smart Objects in the Web of Things
Article Menu
Issue 5 (May) cover image

Export Article

Open AccessArticle
Future Internet 2018, 10(5), 43; https://doi.org/10.3390/fi10050043

Botnet Detection Based On Machine Learning Techniques Using DNS Query Data

1
Posts and Telecommunications Institute of Technology, Hanoi 100000, Vietnam
2
Samsung SVMC, Hanoi 100000, Vietnam
*
Author to whom correspondence should be addressed.
Received: 26 April 2018 / Revised: 15 May 2018 / Accepted: 16 May 2018 / Published: 18 May 2018
(This article belongs to the Section Big Data and Augmented Intelligence)
Full-Text   |   PDF [636 KB, uploaded 18 May 2018]   |  

Abstract

In recent years, botnets have become one of the major threats to information security because they have been constantly evolving in both size and sophistication. A number of botnet detection measures, such as honeynet-based and Intrusion Detection System (IDS)-based, have been proposed. However, IDS-based solutions that use signatures seem to be ineffective because recent botnets are equipped with sophisticated code update and evasion techniques. A number of studies have shown that abnormal botnet detection methods are more effective than signature-based methods because anomaly-based botnet detection methods do not require pre-built botnet signatures and hence they have the capability to detect new or unknown botnets. In this direction, this paper proposes a botnet detection model based on machine learning using Domain Name Service query data and evaluates its effectiveness using popular machine learning techniques. Experimental results show that machine learning algorithms can be used effectively in botnet detection and the random forest algorithm produces the best overall detection accuracy of over 90%. View Full-Text
Keywords: botnet detection; botnet detection model; machine learning-based botnet detection; domain generation algorithm botnet detection; fast flux botnet detection botnet detection; botnet detection model; machine learning-based botnet detection; domain generation algorithm botnet detection; fast flux botnet detection
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Hoang, X.D.; Nguyen, Q.C. Botnet Detection Based On Machine Learning Techniques Using DNS Query Data. Future Internet 2018, 10, 43.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Future Internet EISSN 1999-5903 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top