BotDetectorFW: An optimized Botnet Detection Framework based on Five Features-Distance Measures supported by Comparisons of Four machine learning Classifiers using CICIDS2017 Dataset

Aya Fadhil Jabbar, Imad Jassim Mohammed

Abstract


A botnet is one of many attacks that can execute malicious tasks, and botnets develop continuously. This research therefore introduces a comparison framework, called BotDetectorFW, with classification and complexity improvements for the detection of botnet attacks using the CICIDS2017 dataset, a free online dataset consisting of several attacks with high-dimensional features. Feature selection is a significant step: it obtains the fewest features by eliminating irrelevant ones and consequently reduces the detection time. BotDetectorFW implements this process in two steps, data clustering and five distance measure formulas (Cosine, Dice, DRIVER & KROEBER, Overlap, and Pearson Correlation), using C#, followed by selecting the best N features as input to four classifier algorithms evaluated using machine learning (WEKA): MultilayerPerceptron, JRip, IBK, and Random Forest. In BotDetectorFW, the careful cleaning of the dataset in the preprocessing stage, together with normalization and binary clustering of its features, followed by feature selection based on suitable feature distance techniques and finalized by testing the selected classification algorithms, all contributed to achieving high performance metrics using fewer features (8 features as a minimum), outperforming other methods in the literature that adopted 10 features or more on the same dataset. Furthermore, the results and performance evaluation of BotDetectorFW show a competitive impact in terms of classification accuracy (ACC), Precision (Pr), Recall (Rc), and F-Measure (F1) metrics.
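The feature-ranking step the abstract describes can be sketched as follows; this is an added illustration in Python, not the authors' C# code. It assumes a mean threshold as a stand-in for the binary clustering step, scores each binarized feature against the class label, uses the binary forms of the five measures commonly listed in surveys of binary similarity measures, and runs on a constructed sample with hypothetical feature names.

```python
from math import sqrt

def counts(x, y):
    """Contingency counts (a, b, c, d) for two equal-length 0/1 vectors."""
    a = sum(1 for i, j in zip(x, y) if i and j)
    b = sum(1 for i, j in zip(x, y) if i and not j)
    c = sum(1 for i, j in zip(x, y) if not i and j)
    return a, b, c, len(x) - a - b - c

def _div(n, d):
    return n / d if d else 0.0  # constant vectors score 0 instead of raising

# Binary forms of the five measures (assumed; the abstract gives no formulas).
MEASURES = {
    "cosine": lambda a, b, c, d: _div(a, sqrt((a + b) * (a + c))),
    "dice": lambda a, b, c, d: _div(2 * a, 2 * a + b + c),
    "driver_kroeber": lambda a, b, c, d: 0.5 * (_div(a, a + b) + _div(a, a + c)),
    "overlap": lambda a, b, c, d: _div(a, min(a + b, a + c)),
    "pearson": lambda a, b, c, d: _div(
        a * d - b * c, sqrt((a + b) * (a + c) * (b + d) * (c + d))),
}

def binarize(column):
    """Assumed stand-in for binary clustering: 1 if above the column mean."""
    mean = sum(column) / len(column)
    return [1 if v > mean else 0 for v in column]

def select_features(table, labels, measure, n):
    """Rank features by similarity of the binarized column to the label."""
    score = MEASURES[measure]
    ranked = sorted(
        ((score(*counts(binarize(col), labels)), name) for name, col in table.items()),
        reverse=True,
    )
    return [name for _, name in ranked[:n]]

# Constructed sample: 8 flows, 4 normalized features, label 1 = bot traffic.
LABELS = [1, 1, 1, 0, 0, 0, 0, 1]
TABLE = {
    "feat_a": [0.9, 0.8, 0.7, 0.1, 0.2, 0.1, 0.0, 0.9],  # tracks the label
    "feat_b": [0.9, 0.8, 0.1, 0.1, 0.2, 0.9, 0.0, 0.9],  # partly tracks it
    "feat_c": [0.5, 0.5, 0.5, 0.5, 0.5, 0.5, 0.5, 0.5],  # constant
    "feat_d": [0.1, 0.2, 0.1, 0.9, 0.8, 0.9, 0.7, 0.0],  # inverse of the label
}

if __name__ == "__main__":
    for m in MEASURES:
        print(m, select_features(TABLE, LABELS, m, 2))
```

On this sample, feat_d is the exact inverse of the label: Pearson scores it -1 while the four co-occurrence measures score it 0, so a signed top-N ranking discards it under every measure.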


Keywords


Security, Data mining



DOI: http://doi.org/10.11591/ijeecs.v21.i1.pp%25p

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
