Botnet Detection Using Recurrent Variational Autoencoder

04/01/2020
by   Jeeyung Kim, et al.
0

Botnets are increasingly used by malicious actors, creating increasing threat to a large number of internet users. To address this growing danger, we propose to study methods to detect botnets, especially those that are hard to capture with the commonly used methods, such as the signature based ones and the existing anomaly-based ones. More specifically, we propose a novel machine learning based method, named Recurrent Variational Autoencoder (RVAE), for detecting botnets through sequential characteristics of network traffic flow data including attacks by botnets. We validate robustness of our method with the CTU-13 dataset, where we have chosen the testing dataset to have different types of botnets than those of training dataset. Tests show that RVAE is able to detect botnets with the same accuracy as the best known results published in literature. In addition, we propose an approach to assign anomaly score based on probability distributions, which allows us to detect botnets in streaming mode as the new networking statistics becomes available. This on-line detection capability would enable real-time detection of unknown botnets.

READ FULL TEXT
research
05/14/2021

DoS and DDoS Mitigation Using Variational Autoencoders

DoS and DDoS attacks have been growing in size and number over the last ...
research
09/06/2021

Insider Detection using Deep Autoencoder and Variational Autoencoder Neural Networks

Insider attacks are one of the most challenging cybersecurity issues for...
research
11/28/2019

A Case for the Score: Identifying Image Anomalies using Variational Autoencoder Gradients

Through training on unlabeled data, anomaly detection has the potential ...
research
04/14/2021

Detection of Dataset Shifts in Learning-Enabled Cyber-Physical Systems using Variational Autoencoder for Regression

Cyber-physical systems (CPSs) use learning-enabled components (LECs) ext...
research
04/26/2021

Improving Botnet Detection with Recurrent Neural Network and Transfer Learning

Botnet detection is a critical step in stopping the spread of botnets an...
research
05/13/2021

TAR: Generalized Forensic Framework to Detect Deepfakes using Weakly Supervised Learning

Deepfakes have become a critical social problem, and detecting them is o...
research
08/05/2022

Variational Autoencoders for Anomaly Detection in Respiratory Sounds

This paper proposes a weakly-supervised machine learning-based approach ...

Please sign up or login with your details

Forgot password? Click here to reset