A Practical Botnet Traffic Detection System Using GNN

  • Conference paper
Cyberspace Safety and Security (CSS 2021)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13172)

Abstract

Botnet attacks have now become a major source of cyberattacks. How to detect botnet traffic quickly and efficiently is a current problem for most enterprises. To solve this, we have built a plug-and-play botnet detection system using graph neural network algorithms. The system detects botnets by identifying the network topology and is very good at detecting botnets with different structures. Moreover, the system helps researchers to visualise which nodes in the network are at risk of botnets through a graphical interface.

Author information

Corresponding author

Correspondence to Bonan Zhang.

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Cite this paper

Zhang, B., Li, J., Chen, C., Lee, K., Lee, I. (2022). A Practical Botnet Traffic Detection System Using GNN. In: Meng, W., Conti, M. (eds) Cyberspace Safety and Security. CSS 2021. Lecture Notes in Computer Science, vol 13172. Springer, Cham. https://doi.org/10.1007/978-3-030-94029-4_5

  • DOI: https://doi.org/10.1007/978-3-030-94029-4_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-94028-7

  • Online ISBN: 978-3-030-94029-4

  • eBook Packages: Computer Science (R0)
