On the Viability of Federated Deep Autoencoder for Botnet Threat Detection

Document Type

Conference Proceeding

Source of Publication

2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech)

Publication Date

11-17-2023

Abstract

Botnets have become a major security concern for organizations all over the globe, and detecting them has become a critical job for network administrators. Traditional Machine Learning (ML) algorithms have demonstrated the potential for detecting botnet attacks using network traffic data; however, their performance in terms of accuracy and time consumption varies considerably, making it difficult to choose the best model. In this paper, three different traditional ML models, including Decision Trees (DT), Random Forest (RF), and Naive Bayes (NB), with a Federated Deep Autoencoder (FDA) model are compared to see which one is the most efficient in terms of various metrics for detecting botnet attacks. To accomplish this, the Na-BaIOT dataset, which contains network traffic data produced by botnet attacks, has been utilized. Furthermore, the performance of traditional ML models has been contrasted with that of the FDA model, that is, neural networks, which are used to improve the accuracy of anomaly detection and learn to encode and decode complicated input patterns. The proposed FDA model performed admirably, with accuracy, precision, recall, F1 score, and ROC values ranging from 0.998 to 0.999, 1.000 to 1.000, 0.999 to 0.999, and 0.979 to 0.996, respectively, across the five IoT devices selected for this paper. The DT and RF models outperformed NB with similar scores in all the metrics for evaluation. This shows that the FDA approach is a good solution for enterprises worried about their data privacy while identifying botnet attacks effectively.

ISBN

979-8-3503-0460-2

Publisher

IEEE

Volume

00

First Page

0001

Last Page

0006

Disciplines

Computer Sciences

Keywords

Botnet threat detection, Federated Deep Autoencoder, Anomaly detection, Network traffic data, Na-BaIOT dataset

Indexed in Scopus

no

Open Access

no
