
Botnet Detection Based On Machine Learning Techniques Using DNS Query Data

Author

Listed:
  • Xuan Dau Hoang

    (Posts and Telecommunications Institute of Technology, Hanoi 100000, Vietnam)

  • Quynh Chi Nguyen

    (Samsung SVMC, Hanoi 100000, Vietnam)

Abstract

In recent years, botnets have become one of the major threats to information security because they have been constantly evolving in both size and sophistication. A number of botnet detection measures, such as honeynet-based and Intrusion Detection System (IDS)-based, have been proposed. However, IDS-based solutions that use signatures seem to be ineffective because recent botnets are equipped with sophisticated code update and evasion techniques. A number of studies have shown that abnormal botnet detection methods are more effective than signature-based methods because anomaly-based botnet detection methods do not require pre-built botnet signatures and hence they have the capability to detect new or unknown botnets. In this direction, this paper proposes a botnet detection model based on machine learning using Domain Name Service query data and evaluates its effectiveness using popular machine learning techniques. Experimental results show that machine learning algorithms can be used effectively in botnet detection and the random forest algorithm produces the best overall detection accuracy of over 90%.

Suggested Citation

  • Xuan Dau Hoang & Quynh Chi Nguyen, 2018. "Botnet Detection Based On Machine Learning Techniques Using DNS Query Data," Future Internet, MDPI, vol. 10(5), pages 1-11, May.
  • Handle: RePEc:gam:jftint:v:10:y:2018:i:5:p:43-:d:147759

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/10/5/43/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/10/5/43/
    Download Restriction: no

    Citations



    Cited by:

    1. Sangita Baruah & Dhruba Jyoti Borah & Vaskar Deka, 2023. "Detection of Peer-to-Peer Botnet Using Machine Learning Techniques and Ensemble Learning Algorithm," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 17(1), pages 1-16, January.
    2. Simon Nam Thanh Vu & Mads Stege & Peter Issam El-Habr & Jesper Bang & Nicola Dragoni, 2021. "A Survey on Botnets: Incentives, Evolution, Detection and Current Trends," Future Internet, MDPI, vol. 13(8), pages 1-43, July.
