TY - GEN
T1 - Analyzing the Effect of Network Traffic Segmentation on the Accuracy of Botnet Activity Detection
AU - Putra, Muhammad Aidiel Rachman
AU - Yuhana, Umi Laili
AU - Ahmad, Tohari
AU - Hostiadi, Dandy Pramana
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Botnet is known as a dangerous threat in computer networks. Malicious activities from bots include phishing, sending spam messages, click misrepresentation, spreading malicious programming and activities of Distributed Denial of Service (DDoS) attacks. Thus, it needs to be handled appropriately. Some research proposed a botnet detection model using segmentation analysis on network traffic data. However, it has not shown the optimal segmentation time and analyzed the effect of the segmentation process on increasing detection accuracy. This paper proposes a Botnet activity detection model using machine learning classification by involving the segmentation process. The proposed classification model contributes to the segmentation analysis process to obtain the optimal traffic segment and segment time. The purpose of the proposed model is to analyze the segmentation process to increase the accuracy of Botnet activity detection. The results of testing on two different datasets show that the classification model using segmentation can increase the detection accuracy of Botnet activity. Two classification algorithms that can produce the best detection accuracy are Random Forest of 99.95% and Decision Tree algorithm of 99.92%. This accuracy value is higher than previous research by testing using the same classification algorithm and dataset.
AB - Botnet is known as a dangerous threat in computer networks. Malicious activities from bots include phishing, sending spam messages, click misrepresentation, spreading malicious programming and activities of Distributed Denial of Service (DDoS) attacks. Thus, it needs to be handled appropriately. Some research proposed a botnet detection model using segmentation analysis on network traffic data. However, it has not shown the optimal segmentation time and analyzed the effect of the segmentation process on increasing detection accuracy. This paper proposes a Botnet activity detection model using machine learning classification by involving the segmentation process. The proposed classification model contributes to the segmentation analysis process to obtain the optimal traffic segment and segment time. The purpose of the proposed model is to analyze the segmentation process to increase the accuracy of Botnet activity detection. The results of testing on two different datasets show that the classification model using segmentation can increase the detection accuracy of Botnet activity. Two classification algorithms that can produce the best detection accuracy are Random Forest of 99.95% and Decision Tree algorithm of 99.92%. This accuracy value is higher than previous research by testing using the same classification algorithm and dataset.
KW - Intrusion Detection System
KW - botnet detection
KW - network infrastructure
KW - network security
KW - segmentation traffic
UR - http://www.scopus.com/inward/record.url?scp=85149143020&partnerID=8YFLogxK
U2 - 10.1109/CENIM56801.2022.10037365
DO - 10.1109/CENIM56801.2022.10037365
M3 - Conference contribution
AN - SCOPUS:85149143020
T3 - Proceeding of the International Conference on Computer Engineering, Network and Intelligent Multimedia, CENIM 2022
SP - 321
EP - 326
BT - Proceeding of the International Conference on Computer Engineering, Network and Intelligent Multimedia, CENIM 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2022 International Conference on Computer Engineering, Network and Intelligent Multimedia, CENIM 2022
Y2 - 22 November 2022 through 23 November 2022
ER -