Optimizing Multi-Class Botnet Detection Models to Detect SPAM Botnets with Feature Selection Methods: A Comparative Analysis

Java Kanaya Prada, Tohari Ahmad*, Dandy Pramana Hostiadi, Muhammad Aidiel Rachman Putra

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

Abstract

A botnet involves the use of illegal software to carry out malicious activities that pose a threat to network security, particularly through spam attack activities. Many studies have focused on developing detection models to categorize network activities as either botnet or non-botnet. However, there is still a need for research to identify spam activities within botnet activities, including improving the feature selection process. The aim of this research is to identify feature selection methods that can improve machine learning models for botnet detection, particularly in SPAM botnet detection. To address this, our research implements feature selection methods as a preprocessing step before classifying network activity data using a decision tree algorithm for botnet spam detection with multi-class classification. Feature selection during the data preprocessing phase is crucial, as it has been shown to enhance the performance of detection models. In this study, eight types of feature selection methods were implemented, yielding mixed results. Experimental findings indicate that the classification method using a decision tree without feature selection produced the best overall results, achieving a macro average F1-Score of 91.18%, a weighted average Precision of 99.07%, a Recall of 99.03%, an F1-Score of 99.05%, and an Accuracy rate of 99.03%. SelectKBest with chi2 Feature Selection slightly outperformed other methods in detecting SPAM Botnets, with a Recall of 87.93% and an F1-Score of 79.68%.

Original language: English
Pages (from-to): 1339-1345
Number of pages: 7
Journal: International Journal of Safety and Security Engineering
Volume: 14
Issue number: 4
Publication status: Published - Aug 2024

Keywords

  • botnet detection
  • feature selection
  • machine learning
  • network security
  • spam
