Open AccessA Decision Tree-Aware Genetic Algorithm for Botnet Detection
Author(s) -
Thurayaa B. Alhijaj,
Sarab M. Hameed,
Bara’a Ali Attea
Publication year - 2021
Publication title -
iraqi journal of science
Language(s) - English
Resource type - Journals
eISSN - 2312-1637
pISSN - 0067-2904
DOI - 10.24996/ijs.2021.62.7.34
Subject(s) - botnet , computer science , decision tree , feature selection , intrusion detection system , classifier (uml) , data mining , genetic algorithm , artificial intelligence , set (abstract data type) , decision tree learning , tree (set theory) , machine learning , pattern recognition (psychology) , algorithm , mathematics , the internet , mathematical analysis , world wide web , programming language
In this paper, the botnet detection problem is defined as a feature selection problem and the genetic algorithm (GA) is used to search for the best significant combination of features from the entire search space of set of features. Furthermore, the Decision Tree (DT) classifier is used as an objective function to direct the ability of the proposed GA to locate the combination of features that can correctly classify the activities into normal traffics and botnet attacks. Two datasets namely the UNSW-NB15 and the Canadian Institute for Cybersecurity Intrusion Detection System 2017 (CICIDS2017), are used as evaluation datasets. The results reveal that the proposed DT-aware GA can effectively find the relevant features from the whole features set. Thus, it obtains efficient botnet detection results in terms of F-score, precision, detection rate, and number of relevant features, when compared with DT alone.