TY - GEN
T1 - A Confidence-Based Voting Classifier Ensemble for Effective Decentralized Botnet Detection in Network Traffic
AU - Salim, Bambang Marsudi
AU - Ahmad, Tohari
AU - Rachman Putra, Muhammad Aidiel
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
AB - Botnet attacks are increasingly sophisticated and complex, threatening the security of personal data and critical infrastructure in various sectors. Both centralized and decentralized botnet attacks have become a serious threat in the digital world. Most existing research only focuses on detecting botnet activity without identifying the type of botnet. Meanwhile, detecting decentralized botnet attacks is a major challenge due to their stealthy nature and ability to obscure their activities in network traffic. Therefore, this research proposes a multi-faceted method using ensemble voting techniques to detect the presence of decentralized botnets. The method begins with data preprocessing and architecture analysis to ensure its quality and understand its structure. Next, an ensemble model is formed by combining predictions from three machine learning algorithms: Decision Tree, Extreme Gradient Boosting, and k-nearest neighbor. A soft voting method is applied, considering the prediction probability of each model and assigning the final prediction based on the average of the overall probabilities. This research evaluates the approach using a dataset that contains various botnet attack scenarios, including decentralized attacks. Experimental results show excellent and consistent performance of the VotingClassifier ensemble model in various scenarios with 99.11% accuracy, 99.10% precision, 99.11% recall and 99.10% F1-score. In general, the performance of the proposed ensemble method is proven to be better than classification methods with a single algorithm.
KW - botnet detection
KW - information security
KW - machine learning
KW - network architecture
KW - network security
KW - voting classifier
UR - https://www.scopus.com/pages/publications/85214689623
U2 - 10.1109/ICITCOM62788.2024.10762459
DO - 10.1109/ICITCOM62788.2024.10762459
M3 - Conference contribution
AN - SCOPUS:85214689623
T3 - Proceedings - 2024 International Conference on Information Technology and Computing, ICITCOM 2024
SP - 201
EP - 206
BT - Proceedings - 2024 International Conference on Information Technology and Computing, ICITCOM 2024
A2 - Chen, Hsing-Chung
A2 - Mashor, Mohd Yusoff Bin
A2 - Damarjati, Cahya
A2 - Jusman, Yessi
A2 - Alamsyah, Nurwahyu
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2024 International Conference on Information Technology and Computing, ICITCOM 2024
Y2 - 7 August 2024 through 8 August 2024
ER -