TY - GEN
T1 - Detecting Botnet Spam Activity by Analyzing Network Traffic Using Two-Stack Decision Tree Algorithms
AU - Putra, Muhammad Aidiel Rachman
AU - Ahmad, Tohari
AU - Ijtihadie, Royyana Muslim
AU - Hostiadi, Dandy Pramana
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Botnets are a type of malware that threatens network security. One of the frequently encountered botnet threats is SPAM. Many studies focus on building detection models to classify botnet and non-botnet activities in network flows. Thus, research that can specifically differentiate SPAM from botnet activities is quite challenging. This paper proposes a model to detect SPAM botnet activity in network traffic using two-stack decision tree algorithms. The first stack of the model focuses on classifying network traffic into botnet and normal activity classes. Meanwhile, the second stack classifies botnet activity into two types: spam botnets and non-spam botnets. The experimental results show that the proposed model performs better than the Decision Tree model, which detects three activity classes directly. Performance evaluation of the proposed model succeeded in getting a value of 97.19% accuracy, 97.13% precision, 97.19% recall, and 97.12% F1-score.
AB - Botnets are a type of malware that threatens network security. One of the frequently encountered botnet threats is SPAM. Many studies focus on building detection models to classify botnet and non-botnet activities in network flows. Thus, research that can specifically differentiate SPAM from botnet activities is quite challenging. This paper proposes a model to detect SPAM botnet activity in network traffic using two-stack decision tree algorithms. The first stack of the model focuses on classifying network traffic into botnet and normal activity classes. Meanwhile, the second stack classifies botnet activity into two types: spam botnets and non-spam botnets. The experimental results show that the proposed model performs better than the Decision Tree model, which detects three activity classes directly. Performance evaluation of the proposed model succeeded in getting a value of 97.19% accuracy, 97.13% precision, 97.19% recall, and 97.12% F1-score.
KW - botnet detection
KW - machine learning
KW - network infrastructure
KW - network security
KW - spam
UR - http://www.scopus.com/inward/record.url?scp=85182941426&partnerID=8YFLogxK
U2 - 10.1109/ICoSNIKOM60230.2023.10364480
DO - 10.1109/ICoSNIKOM60230.2023.10364480
M3 - Conference contribution
AN - SCOPUS:85182941426
T3 - 2023 IEEE International Conference of Computer Science and Information Technology: The Role of Artificial Intelligence Technology in Human and Computer Interactions in the Industrial Era 5.0, ICOSNIKOM 2023
BT - 2023 IEEE International Conference of Computer Science and Information Technology
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 7th IEEE International Conference of Computer Science and Information Technology, ICOSNIKOM 2023
Y2 - 10 November 2023 through 11 November 2023
ER -