Abstract:
Botnets are a global problem, and effective botnet detection requires cooperation of large
Internet Service Providers, allowing near global visibility of traffic that can be exploited
to detect them. This study introduces a significant advancement in cybersecurity: P2P
botnet detection utilizing a deep learning model. P2P botnets pose a severe threat due to
their covert, decentralized communication channels, enabling malicious activities.
Conventional detection methods struggle with these sophisticated botnets due to their
dynamic and evasive nature. To address this challenge, state-of-the-art deep learning
algorithms have been used for effective P2P botnet traffic detection. This paper presents a
novel GAN-based deep learning model for botnet detection, named AEtable-GAN, which
combines a generative adversarial network (GAN) with an autoencoder. The proposed
model leverages the table-GAN model to learn the data distribution from the training
dataset, and then uses its discriminator as a classifier after concatenating it with the
encoder. This approach enhances the generalization ability of the encoder by forcing it to
match the data behavior learned by the table-GAN. The performance of the proposed
model is compared with other CNN- and DNN-based models on a benchmark dataset, and
the results show that AEtable-GAN achieves a remarkable accuracy of 99.9%, with 99.99%
and 99.9% precision for positive and negative samples, respectively, and no false positives
or false negatives. These results underscore the applicability of GAN-based deep learning
models to effectively detecting P2P botnet activities. They further suggest that GAN-based
classifiers such as the proposed approach can exhibit remarkable accuracy and proficiently
classify a range of positive and negative cases, contributing to strengthened cybersecurity
measures against persistent P2P botnet threats.