Detection of botnet attacks in real-time using machine learning

Abstract

Distributed Denial of Service (DDoS) attacks have emerged as a major threat to contemporary computer networks. These attacks utilize sophisticated Botnets, which comprise interconnected computers under the control of a Botmaster, to carry out malicious activities. The Botmasters continually evolve their techniques, employing tactics such as packet encryption and obfuscation, challenging the efficacy of conventional packet inspection methods in detecting these attacks. In this project, we generated a customized dataset using the Mininet network emulation tool, which simulated the latest attack techniques. Through the successful implementation, we trained a robust machine learning model by leveraging the most effective classification algorithms and employing the Stack Generalization method within an Ensemble approach. This process aimed to achieve maximum accuracy in distinguishing between normal network traffic and potential DDoS attacks. Subsequently, the model underwent rigorous testing in real-time on a live network environment. The evaluations confirmed the model’s proficiency in promptly and accurately detecting DDoS attacks, contributing to the fortification of computer networks against this pervasive threat.