Hybrid Machine Learning Model for Efficient Botnet Attack Detection
DOI: https://doi.org/10.62647/IJITCE2025V13I2sPP419-424
Keywords: Hybrid Machine Learning
Abstract
With the rapid development of Internet technology, cyber-attacks are becoming increasingly sophisticated, with botnet attacks emerging as one of the most harmful threats. Botnet identification is challenging due to the wide range of attack vectors and the continuous evolution of malicious software. As Internet of Things (IoT) technology expands, many network devices are susceptible to botnet attacks, leading to significant losses in various sectors. This paper proposes a botnet identification system using a Long Short-Term Memory (LSTM) model, a popular deep learning approach, to effectively distinguish between normal network traffic and botnet attacks. The model classifies network traffic into two categories: normal (0) and botnet attack (1). Experiments were conducted using the UNSW-NB15 dataset, which contains nine types of attacks, including ‘Normal’, ‘Generic’, ‘Exploits’, ‘Fuzzers’, ‘DoS’, ‘Reconnaissance’, ‘Analysis’, ‘Backdoor’, ‘Shellcode’, and ‘Worms’. The LSTM-based model achieved an impressive testing accuracy of 90%. The proposed approach demonstrates strong performance in identifying botnet activities, with high receiver operating characteristic (ROC) area under the curve (AUC) and precision-recall area under the curve (PR-AUC) scores, indicating its effectiveness in classifying normal and attack traffic. Performance comparisons with existing state-of-the-art models further validate the robustness of the proposed LSTM-based approach. This research contributes to enhancing cybersecurity procedures by providing a reliable tool for detecting botnet attacks in evolving network environments.
License
Copyright (c) 2025 Authors

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.