Detecting botnet by using particle swarm optimization algorithm based on voting system

Botnets have recently been identified as serious Internet threats that are continually developing and expanding. Identifying botnets in the domain of network security is regarded as a new challenge and topic for research. There are several methods for detecting botnets in networks, and prior researc...

Full description

Saved in:
Bibliographic Details
Published in:Future generation computer systems 2020-06, Vol.107, p.95-111
Main Authors: Asadi, Mehdi, Jabraeil Jamali, Mohammad Ali, Parsa, Saeed, Majidnezhad, Vahid
Format: Article
Language:English
Subjects:
Botnet detection
Deep learning
Internet of things botnets
PSO algorithm
Voting system
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Botnets have recently been identified as serious Internet threats that are continually developing and expanding. Identifying botnets in the domain of network security is regarded as a new challenge and topic for research. There are several methods for detecting botnets in networks, and prior research has encountered problems, including a high error and inaccuracy in detection. In this paper, the botnet detection method by using a hybrid of particle swarm optimization (PSO) algorithm with a voting system (BD-PSO-V) was used to improve the challenges of previous studies. The PSO algorithm was employed to select outstanding and effective features in the detection of botnets. The voting system, including a deep neural network algorithm, support vector machine (SVM), and decision tree C4.5, were utilized to identify botnets and classify samples. The decision-making strategy of the voting system was based on maximum votes, and the most important innovation of this research was to combine the PSO feature selection algorithm with a voting system using deep learning to identify botnets. Two datasets, ISOT and Bot-IoT, were employed to further verify the BD-PSO-V system performance. BD-PSO-V simulation improved the accuracy by an average of ∼0.42% and 0.17% in the ISOT dataset and the Bot-IoT dataset, respectively, compared to the other methods investigated. In addition, the effect of six well-known adversarial attacks on both datasets was evaluated. Despite a slight drop in accuracy rate, BD-PSO-V results had a promising performance against a variety of attacks. •The Xmeans algorithm was used for preprocessing of dataset and eliminating outlier.•The PSO algorithm was aimed at selecting outstanding features out of all features.•Challenges for using deep learning in the voting system were addressed.•Proposed BD-PSO-V system was independent of propagation protocol and encrypted C&C.•The effect of six famous adversarial attacks on a BD-PSO-V system was evaluated.
ISSN:0167-739X
1872-7115
DOI:10.1016/j.future.2020.01.055