NUST Institutions Library Catalogue catalog › Details for: Improving the Capabilities of Network Attack Detection using Machine Learning /

Normal view MARC view ISBD view

Improving the Capabilities of Network Attack Detection using Machine Learning / Muhammad Qasim

By: Qasim, Muhammad Contributor(s): Supervised by Dr. Asif Masood Material type: Text

TextPublisher: Rawalpindi, MCS (NUST), 2020Description: 108 pSubject(s): PhD Electrical Engineering Thesis | PhD EE ThesisDDC classification: 621.382,QAS

Contents:

The digital realm is increasingly threatened by botnet attacks, which have escalated both in frequency and complexity. Addressing these threats, our research focuses on the deployment of AI-enhanced systems for the detection and mitigation of botnet activities. Traditional research in this area has concentrated on developing datasets, enhancing detection methods with advanced machine learning (ML) techniques, and conducting analyses based on behaviour. Our review identifies critical limitations in existing datasets, including outdated information, limited applicability to various attack types, and a notable absence of verified data (ground truth). To bridge these gaps, we introduce the BotLab-DS1 dataset, which comprises 5,279 authentic botnet samples across 12 families and 3,000 benign samples, providing a robust foundation for detection models. Our study unfolds in three primary areas: an exhaustive evaluation of current datasets and their limitations, the development of a comprehensive dataset creation strategy utilizing advanced feature engineering across static, behavioural, and network attributes, and the application of diverse ML algorithms for superior botnet detection efficacy. Empirical results demonstrate the BotLab-DS1 dataset’s effectiveness, particularly when combined with the Random Forest algorithm, achieving an accuracy of 98.6% and a precision of 99.0%. Gradient Boosting also shows strong performance, with 96.34% accuracy and 96.0% precision. Furthermore, we explore the innovative application of Natural Language Processing (NLP) techniques, such as Bag of Words, BERT, GloVe, and Word2Vec, to analyze behavioral reports, enhancing ML feature sets for botnet detection. This approach, supported by the XGboost classifier, yields exceptional outcomes, achieving an accuracy of 99.17% and a ROC/AUC score of 0.9995. Our findings underscore the pivotal role of NLP in improving feature extraction and the overall effectiveness of ML algorithms in addressing botnet threats. This research not only advances the field of cybersecurity by offering a novel dataset and demonstrating the efficacy of combining NLP with ML for botnet detection but also sets a foundation for future innovations in dataset development and algorithmic analysis to combat cyber threats more effectively.

Tags from this library: No tags from this library for this title. Log in to add tags.

Holdings ( 1 )
Title notes ( 1 )
Comments ( 0 )

Item type	Current location	Home library	Shelving location	Call number	Status	Notes	Date due	Barcode	Item holds
Thesis	Military College of Signals (MCS)	Military College of Signals (MCS)	Thesis	621.382,QAS (Browse shelf)	Available	Almirah No.68, Shelf No.6		MCSPhD EE-26

Total holds: 0

The digital realm is increasingly threatened by botnet attacks, which have escalated
both in frequency and complexity. Addressing these threats, our research
focuses on the deployment of AI-enhanced systems for the detection and mitigation
of botnet activities. Traditional research in this area has concentrated on
developing datasets, enhancing detection methods with advanced machine learning
(ML) techniques, and conducting analyses based on behaviour. Our review
identifies critical limitations in existing datasets, including outdated information,
limited applicability to various attack types, and a notable absence of verified
data (ground truth). To bridge these gaps, we introduce the BotLab-DS1 dataset,
which comprises 5,279 authentic botnet samples across 12 families and 3,000 benign
samples, providing a robust foundation for detection models. Our study
unfolds in three primary areas: an exhaustive evaluation of current datasets and
their limitations, the development of a comprehensive dataset creation strategy
utilizing advanced feature engineering across static, behavioural, and network attributes,
and the application of diverse ML algorithms for superior botnet detection
efficacy. Empirical results demonstrate the BotLab-DS1 dataset’s effectiveness,
particularly when combined with the Random Forest algorithm, achieving
an accuracy of 98.6% and a precision of 99.0%. Gradient Boosting also shows
strong performance, with 96.34% accuracy and 96.0% precision. Furthermore,
we explore the innovative application of Natural Language Processing (NLP)
techniques, such as Bag of Words, BERT, GloVe, and Word2Vec, to analyze behavioral
reports, enhancing ML feature sets for botnet detection. This approach,
supported by the XGboost classifier, yields exceptional outcomes, achieving an
accuracy of 99.17% and a ROC/AUC score of 0.9995. Our findings underscore the
pivotal role of NLP in improving feature extraction and the overall effectiveness
of ML algorithms in addressing botnet threats. This research not only advances
the field of cybersecurity by offering a novel dataset and demonstrating the efficacy
of combining NLP with ML for botnet detection but also sets a foundation
for future innovations in dataset development and algorithmic analysis to combat
cyber threats more effectively.

There are no comments on this title.

to post a comment.