Security Hardening of Botnet Detectors Using Generative Adversarial Networks

Randhawa, Rizwan Hamid, Aslam, Nauman, Alauthman, Mohammad, Rafiq, Husnain and Comeau, Frank (2021) Security Hardening of Botnet Detectors Using Generative Adversarial Networks. IEEE Access, 9. pp. 78276-78292. ISSN 2169-3536

[img]
Preview
Text
09439890.pdf - Published Version
Available under License Creative Commons Attribution 4.0.

Download (5MB) | Preview
Official URL: https://doi.org/10.1109/access.2021.3083421

Abstract

Machine learning (ML) based botnet detectors are no exception to traditional ML models when it comes to adversarial evasion attacks. The datasets used to train these models have also scarcity and imbalance issues. We propose a new technique named Botshot , based on generative adversarial networks (GANs) for addressing these issues and proactively making botnet detectors aware of adversarial evasions. Botshot is cost-effective as compared to the network emulation for botnet traffic data generation rendering the dedicated hardware resources unnecessary. First, we use the extended set of network flow and time-based features for three publicly available botnet datasets. Second, we utilize two GANs (vanilla, conditional) for generating realistic botnet traffic. We evaluate the generator performance using classifier two-sample test (C2ST) with 10-fold 70-30 train-test split and propose the use of ’recall’ in contrast to ’accuracy’ for proactively learning adversarial evasions. We then augment the train set with the generated data and test using the unchanged test set. Last, we compare our results with benchmark oversampling methods with augmentation of additional botnet traffic data in terms of average accuracy, precision, recall and F1 score over six different ML classifiers. The empirical results demonstrate the effectiveness of the GAN-based oversampling for learning in advance the adversarial evasion attacks on botnet detectors.

Item Type: Article
Additional Information: Funding information: This work was supported by Northumbria University Research and Development Fund (RDF).
Subjects: G400 Computer Science
G500 Information Systems
Department: Faculties > Engineering and Environment > Computer and Information Sciences
Depositing User: Elena Carlaw
Date Deposited: 17 Jun 2021 15:33
Last Modified: 31 Jul 2021 10:50
URI: http://nrl.northumbria.ac.uk/id/eprint/46480

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics