Towards using transfer learning for Botnet Detection

Basil Alothman, Prapa Rattadilok

Research output: Chapter in Book/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)

Abstract

Botnet Detection has been an active research area over the last decades. Researchers have been working hard to develop effective techniques to detect Botnets. From reviewing existing approaches it can be noticed that many of them target specific Botnets. Also, many approaches try to identify any Botnet activity by analysing network traffic. They achieve this by concatenating existing Botnet datasets to obtain larger datasets, building predictive models using these datasets and then employing these models to predict whether network traffic is safe or harmful. The problem with the first approaches is that data is usually scarce and costly to obtain. By using small amounts of data, the quality of predictive models will always be questionable. On the other hand, the problem with the second approaches is that it is not always correct to concatenate datasets containing network traffic from different Botnets. Datasets can have different distributions which means they can downgrade the predictive performance of machine learning models. Our idea is instead of concatenating datasets, we propose using transfer learning approaches to carefully decide what data to use. Our hypothesis is 'Predictive Performance can be improved by using transfer learning techniques across datasets containing network traffic from different Botnets'.

Original languageEnglish
Title of host publication2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages281-282
Number of pages2
ISBN (Electronic)9781908320933
DOIs
Publication statusPublished - 8 May 2018
Event12th International Conference for Internet Technology and Secured Transactions, ICITST 2017 - Cambridge, United Kingdom
Duration: 11 Dec 201714 Dec 2017

Publication series

Name2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017

Conference

Conference12th International Conference for Internet Technology and Secured Transactions, ICITST 2017
Country/TerritoryUnited Kingdom
CityCambridge
Period11/12/1714/12/17

Keywords

  • Botnet-Detection
  • Transfer-Learning
  • component
  • data-distribution
  • improve-predictive-performance
  • network-traffic-analysis

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Towards using transfer learning for Botnet Detection'. Together they form a unique fingerprint.

Cite this