Abstract
There have been numerous studies proposed for detecting botnets in the literature. However, it is still a challenging issue as most of the proposed systems are unable to detect botnets in their early stage and they cannot perform satisfying performance on new forms of botnets. In this study, we propose an evolutionary computation-based approach that relies on grammatical evolution to generate a botnet detection algorithm automatically. The performance of the proposed flow-based detection system reveals that it detects botnets accurately in their very early stage and performs better than most of the existing methods.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Karim, A., Salleh, R.B., Shiraz, M., Shah, S.A.A., Awan, I., Anuar, N.B.: Botnet detection techniques: review, future trends, and issues. J. Zhejiang Univ. Sci. C 15(11), 943–983 (2014)
Huseynov, K., Kim, K., Yoo, P.D.: Semi-supervised botnet detection using ant colony clustering. In: Proceedings of Symposium on Cryptography and Information Security (SCIS), pp. 1–7 (2014)
Narang, P., Reddy, J.M., Hota, C.: Feature selection for detection of peer-to-peer botnet traffic. In: Proceedings of the 6th ACM India Computing Convention, Compute 2013, pp. 16:1–16:9. ACM, New York (2013)
Kirubavathi Venkatesh, G., Anitha Nadarajan, R.: HTTP botnet detection using adaptive learning rate multilayer feed-forward neural network. In: Askoxylakis, I., Pöhls, H.C., Posegga, J. (eds.) WISTP 2012. LNCS, vol. 7322, pp. 38–48. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30955-7_5
Kirubavathi, G., Anitha, R.: Botnet detection via mining of traffic flow characteristics. Comput. Electr. Eng. 50, 91–101 (2016)
Nogueira, A., Salvador, P., Blessa, F.: A botnet detection system based on neural networks. In: 2010 Fifth International Conference on Digital Telecommunications, pp. 57–62, June 2010
Saad, S., et al.: Detecting P2P botnets through network behavior analysis and machine learning. In: 2011 Ninth Annual International Conference on Privacy, Security and Trust, pp. 174–180, July 2011
Wang, K., Huang, C.Y., Lin, S.J., Lin, Y.D.: A fuzzy pattern-based filtering algorithm for botnet detection. Comput. Netw. 55(15), 3275–3286 (2011)
Livadas, C., Walsh, R., Lapsley, D., Strayer, W.T.: Using machine learning techniques to identify botnet traffic. In: Proceedings. 2006 31st IEEE Conference on Local Computer Networks, pp. 967–974, November 2006
Fedynyshyn, G., Chuah, M.C., Tan, G.: Detection and classification of different botnet C&C channels. In: Calero, J.M.A., Yang, L.T., Mármol, F.G., García Villalba, L.J., Li, A.X., Wang, Y. (eds.) ATC 2011. LNCS, vol. 6906, pp. 228–242. (2011). https://doi.org/10.1007/978-3-642-23496-5_17
O’Neill, M., Ryan, C.: Grammatical evolution. IEEE Trans. Evol. Comput. 5(4), 349–358 (2001)
Ryan, C., Collins, J.J., Neill, M.O.: Grammatical evolution: evolving programs for an arbitrary language. In: Banzhaf, W., Poli, R., Schoenauer, M., Fogarty, T.C. (eds.) EuroGP 1998. LNCS, vol. 1391, pp. 83–96. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0055930
CICFlowMeter: Network Traffic Flow Analyzer. http://netflowmeter.ca/netflowmeter.html. Accessed 25 Nov 2018
jnetpcap. http://jnetpcap.com. Accessed 01 July 2018
ECJ: A java-based evolutionary computation research system (2017). https://www.cs.gmu.edu/eclab/projects/ecj/
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SciTePress - Science and Technology Publications (2018)
Lu, W., Rammidi, G., Ghorbani, A.A.: Clustering botnet communication traffic based on n-gram feature selection. Comput. Commun. 34(3), 502–514 (2011). Special Issue of Computer Communications on Information and Future Communication Security
Henderson, T., Kotz, D., Abyzov, I.: The changing usage of a mature campus-wide wireless network. In: Proceedings of the 10th Annual International Conference on Mobile Computing and Networking, MobiCom 2004, pp. 187–201. ACM, New York (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Yilmaz, S., Sen, S. (2019). Early Detection of Botnet Activities Using Grammatical Evolution. In: Kaufmann, P., Castillo, P. (eds) Applications of Evolutionary Computation. EvoApplications 2019. Lecture Notes in Computer Science(), vol 11454. Springer, Cham. https://doi.org/10.1007/978-3-030-16692-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-030-16692-2_26
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16691-5
Online ISBN: 978-3-030-16692-2
eBook Packages: Computer ScienceComputer Science (R0)