Author: Ankita Bhaiyya
Date of Publication: 7th September 2015
Abstract: One of the most significant current issues in computer network security is the botnet. It is an active focus of the research community and industry due to a sharp rise in attacks on individual and organizational computers. A botnet is a large network of compromised computers used to attack other computer systems with malicious intent. Botnets are one of the most destructive threats to cyber security. A botnet is a collection of compromised machines (bots) receiving and responding to commands from a server (the C&C server) that serves as a rendezvous mechanism for commands from a human controller. Recently, the HTTP protocol has frequently been used by botnets as the Command and Communication (C&C) protocol. In this work, we aim to detect HTTP-based botnet activity using a machine learning approach. To achieve this, a botnet analysis system is implemented employing two different machine learning algorithms: C5.0 and bisecting k-means. Bisecting k-means is a clustering algorithm that yields trained data after the desired number of iterations. The data obtained from the k-means algorithm is then processed by the C5.0 machine learning algorithm, which identifies the probable botnets. Thus botnets can be blocked from the system by using these two effective algorithms.