Hybrid AI Models Combining Machine-Deep Learning for Botnet Identification
Abstract
Botnets are considered a highly advanced security threat. As IoT networks have proliferated, the threats that botnet attacks pose to smart systems and data integrity have grown in importance, making them a major topic in cybersecurity discussions. Current detection systems frequently fail to accurately classify various attack types, manage high-dimensional data, or capture attack trends over time. To detect botnets efficiently, this work aims to construct a robust hybrid AI model using the BOT-IOT dataset, which encompasses both common and unusual attack types, including reconnaissance, DoS/DDoS, and information theft. The proposed methodology combines LSTM networks for temporal pattern recognition, Decision Trees (DT) for feature-based classification, and Logistic Regression (LR) for high-dimensional multiclass prediction, and aggregates their final predictions to enhance stability and accuracy. Data preprocessing comprised missing-value handling, categorical variable encoding, and consistent feature scaling using Min-Max normalization. The hybrid model achieved 99% accuracy, recall, and F1-score, with an AUC-ROC of 0.9895, surpassing established methods such as C4.5, KNN, and weighted ego network with LDA, as well as the individual models (LSTM: 97%, DT: 94%, LR: 95%). These findings support improved, balanced, and real-time IoT botnet detection for smart city cybersecurity.