Automated Botnet Traffic Detection via Machine Learning

Connected machines become more vulnerable to malware infections which potentially cause them to be controlled as part of a botnet for cybercrime activities. Prompt detection of infected machines is required for protecting local networks and infrastructure as well as reducing the impact of botnets. In this paper, we propose the use of machine learning techniques involving multi-layer perceptrons and decision trees on network traffic analysis for the detection of botnet traffic. We enhance components of an existing detection framework with these techniques to automate its processes and improve performance at the same time. Our experiments indicate that the modifications successfully improved the overall performance of botnet traffic detection in both supervised and semi-supervised manners.