Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset
Cyberspace faces unparalleled threats due to the rapid rise in botnet attacks and their profound repercussions. Utilizing AI-assisted systems emerges as a potent solution for detecting and neutralizing such attacks. Existing research on botnet attack detection revolves around dataset creation, ampli...
Main Authors: | , , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2024-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/10439154/ |
_version_ | 1797292082872713216 |
---|---|
author | Muhammad Qasim Muhammad Waleed Tai-Won Um Peyman Pahlevani Jens Myrup Pedersen Asif Masood |
author_facet | Muhammad Qasim Muhammad Waleed Tai-Won Um Peyman Pahlevani Jens Myrup Pedersen Asif Masood |
author_sort | Muhammad Qasim |
collection | DOAJ |
description | Cyberspace faces unparalleled threats due to the rapid rise in botnet attacks and their profound repercussions. Utilizing AI-assisted systems emerges as a potent solution for detecting and neutralizing such attacks. Existing research on botnet attack detection revolves around dataset creation, amplifying the detection methods’ efficacy and precision via sophisticated machine learning models, and a behaviour-centric analysis. A discerning review of current datasets reveals their limitations: the obsolescence of some datasets, their limited relevance to certain attack types, and an imperative lack of ground truth. Addressing these gaps, we introduce a ground truth, the BotLab-DS1 dataset, featuring 5,279 real-world active botnet samples spanning 12 botnet families and 3,000 benign instances. This paper’s core is threefold; initially, we delineate a thorough review of existing datasets and their inherent shortcomings. Subsequently, we unfold a holistic data creation strategy and leverage advanced feature engineering methods on static, behavioural, and network-centric attributes. Finally, the research involves training diverse machine learning algorithms using the BotLab-DS1 dataset for enhanced botnet detection. Our empirical findings underline that BotLab-DS1, when paired with the random forest algorithm, attains 98.6% accuracy and 99.0% precision. In contrast, gradient boosting trails closely, registering 96.34% accuracy and 96.0% precision. We believe our study will pioneer new pathways for dataset formulation and algorithmic scrutiny, enriching the research landscape and backing the global initiative to thwart botnet incursions effectively. |
first_indexed | 2024-03-07T19:46:36Z |
format | Article |
id | doaj.art-9c460e1e102442bbb72a6965b61caf10 |
institution | Directory Open Access Journal |
issn | 2169-3536 |
language | English |
last_indexed | 2024-03-07T19:46:36Z |
publishDate | 2024-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Access |
spelling | doaj.art-9c460e1e102442bbb72a6965b61caf102024-02-29T00:00:32ZengIEEEIEEE Access2169-35362024-01-0112288982891010.1109/ACCESS.2024.336712210439154Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet DatasetMuhammad Qasim0https://orcid.org/0000-0003-2072-4607Muhammad Waleed1https://orcid.org/0000-0001-9770-6293Tai-Won Um2https://orcid.org/0000-0002-4922-1774Peyman Pahlevani3Jens Myrup Pedersen4https://orcid.org/0000-0002-1903-2921Asif Masood5Department of Electrical Engineering, National University of Sciences and Technology, Islamabad, PakistanDepartment of Electronic Systems, Aalborg University, Copenhagen, DenmarkGraduate School of Data Science, Chonnam National University, Gwangju, Republic of KoreaDepartment of Electronic Systems, Aalborg University, Copenhagen, DenmarkDepartment of Electronic Systems, Aalborg University, Copenhagen, DenmarkDepartment of Electrical Engineering, National University of Sciences and Technology, Islamabad, PakistanCyberspace faces unparalleled threats due to the rapid rise in botnet attacks and their profound repercussions. Utilizing AI-assisted systems emerges as a potent solution for detecting and neutralizing such attacks. Existing research on botnet attack detection revolves around dataset creation, amplifying the detection methods’ efficacy and precision via sophisticated machine learning models, and a behaviour-centric analysis. A discerning review of current datasets reveals their limitations: the obsolescence of some datasets, their limited relevance to certain attack types, and an imperative lack of ground truth. Addressing these gaps, we introduce a ground truth, the BotLab-DS1 dataset, featuring 5,279 real-world active botnet samples spanning 12 botnet families and 3,000 benign instances. This paper’s core is threefold; initially, we delineate a thorough review of existing datasets and their inherent shortcomings. Subsequently, we unfold a holistic data creation strategy and leverage advanced feature engineering methods on static, behavioural, and network-centric attributes. Finally, the research involves training diverse machine learning algorithms using the BotLab-DS1 dataset for enhanced botnet detection. Our empirical findings underline that BotLab-DS1, when paired with the random forest algorithm, attains 98.6% accuracy and 99.0% precision. In contrast, gradient boosting trails closely, registering 96.34% accuracy and 96.0% precision. We believe our study will pioneer new pathways for dataset formulation and algorithmic scrutiny, enriching the research landscape and backing the global initiative to thwart botnet incursions effectively.https://ieeexplore.ieee.org/document/10439154/Cyberspacebotnetdatasetmachine learningsecurity attacks |
spellingShingle | Muhammad Qasim Muhammad Waleed Tai-Won Um Peyman Pahlevani Jens Myrup Pedersen Asif Masood Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset IEEE Access Cyberspace botnet dataset machine learning security attacks |
title | Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset |
title_full | Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset |
title_fullStr | Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset |
title_full_unstemmed | Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset |
title_short | Diving Deep With BotLab-DS1: A Novel Ground Truth-Empowered Botnet Dataset |
title_sort | diving deep with botlab ds1 a novel ground truth empowered botnet dataset |
topic | Cyberspace botnet dataset machine learning security attacks |
url | https://ieeexplore.ieee.org/document/10439154/ |
work_keys_str_mv | AT muhammadqasim divingdeepwithbotlabds1anovelgroundtruthempoweredbotnetdataset AT muhammadwaleed divingdeepwithbotlabds1anovelgroundtruthempoweredbotnetdataset AT taiwonum divingdeepwithbotlabds1anovelgroundtruthempoweredbotnetdataset AT peymanpahlevani divingdeepwithbotlabds1anovelgroundtruthempoweredbotnetdataset AT jensmyruppedersen divingdeepwithbotlabds1anovelgroundtruthempoweredbotnetdataset AT asifmasood divingdeepwithbotlabds1anovelgroundtruthempoweredbotnetdataset |