Developing P2P Botnet Detection Model Using Deep Learning Approach

Abstract

Botnets are a global problem, and effective botnet detection requires cooperation of large Internet Service Providers, allowing near global visibility of traffic that can be exploited to detect them. This study introduces a significant advancement in cybersecurity: P2P botnet detection utilizing a deep learning model. P2P botnets pose a severe threat due to their covert, decentralized communication channels, enabling malicious activities. Conventional detection methods struggle with these sophisticated botnets due to their dynamic and evasive nature. To address this challenge, state-of-the-art deep learning algorithms have been used for effective P2P botnet traffic detection. This paper presents a novel GAN-based deep learning model for botnet detection, named AEtable-GAN, which combines a generative adversarial network (GAN) with an autoencoder. The proposed model leverages the table-GAN model to learn the data distribution from the training dataset, and then uses its discriminator as a classifier after concatenating it with the encoder. This approach enhances the generalization ability of the encoder by forcing it to match the data behavior learned by the table-GAN. The performance of the proposed model is compared with other CNN and DNN based models on a benchmark dataset, and the results show that AEtable-GAN achieves a remarkable accuracy of 99.9%, with 99.99% and 99.9% precision for positive and negative samples, respectively, and no false positives or false negatives. These results underscore the applicability of GAN based deep learning models in effectively detecting P2P botnet activities perhaps further induce the proposed approaches GAN base classifiers can exhibit remarkable accuracy and proficiently classify a range of positive and negative cases, contributing to strengthened cybersecurity measures against persistent P2P botnet threats