Botnet Detection Method Analysis on the Effect of Feature Extraction

2016 
Botnets have been one of the most threatening risks to cybersecurity since 2003. Their aggressiveness and destructiveness directly affect the proper functioning of networks. They adapt quickly, changing communication modes and recruiting new members to evade detection and even to reduce losses once detected. However, despite their stealthiness and variability, some hints remain that make it possible to find and locate zombies. To this end, one of the main concerns in designing a botnet detection system is which discriminating features to obtain and how to obtain them. Hence, feature extraction becomes a key issue in developing a powerful botnet detection system. In this work, we utilize three machine learning algorithms to explore which feature extraction method is better, Netmate or Tranalyzer, using only packet header information in view of privacy concerns. From this perspective, we conduct a series of experiments on two public botnet data sets and then analyze the experimental results.