Automatic Botnet Attack Identification Based on Machine Learning

At present, the severe network security situation has put forward high requirements for defense technology. In order to automate botnet threat warning, this paper researches types and characteristics of Botnet. Botnet special in attributes such as packets, attack time interval, packet size. paper, data is annotated by means string recognition expert screening. The features are extracted from labeled data, then use K-means cluster analysis. clustering results show that same its unique characteristics, automatic identification attacks realized based on these characteristics. time, collection attribute extraction uses RF, GBM, XGBOOST other machine learning models test warning results, automatically analyzes importing data. early analysis accuracy rates different obtained. Through descriptive values three Accuracy, Precision, F1_Score, effect each model can be comprehensively displayed. Among five algorithms used have an rate over 90%. with highest model. research shows cyberattacks accurately predicted. When technology applied protection system, accurate given before a launched.