Botnet Detection Based On Machine Learning Techniques Using DNS Query Data
AbstractIn recent years, botnets have become one of the major threats to information security because they have been constantly evolving in both size and sophistication. A number of botnet detection measures, such as honeynet-based and Intrusion Detection System (IDS)-based, have been proposed. However, IDS-based solutions that use signatures seem to be ineffective because recent botnets are equipped with sophisticated code update and evasion techniques. A number of studies have shown that abnormal botnet detection methods are more effective than signature-based methods because anomaly-based botnet detection methods do not require pre-built botnet signatures and hence they have the capability to detect new or unknown botnets. In this direction, this paper proposes a botnet detection model based on machine learning using Domain Name Service query data and evaluates its effectiveness using popular machine learning techniques. Experimental results show that machine learning algorithms can be used effectively in botnet detection and the random forest algorithm produces the best overall detection accuracy of over 90%. View Full-Text
Share & Cite This Article
Hoang, X.D.; Nguyen, Q.C. Botnet Detection Based On Machine Learning Techniques Using DNS Query Data. Future Internet 2018, 10, 43.
Hoang XD, Nguyen QC. Botnet Detection Based On Machine Learning Techniques Using DNS Query Data. Future Internet. 2018; 10(5):43.Chicago/Turabian Style
Hoang, Xuan D.; Nguyen, Quynh C. 2018. "Botnet Detection Based On Machine Learning Techniques Using DNS Query Data." Future Internet 10, no. 5: 43.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.