BotDetectorFW: an optimized botnet detection framework based on five features-distance measures supported by comparisons of four machine learning classifiers using CICIDS2017 dataset

<p><span>A Botnet is one of many attacks that can execute malicious tasks and develop continuously. Therefore, current research introduces a comparison framework, called BotDetectorFW, with classification complexity improvements for the detection attack using CICIDS2017 dataset. It free online dataset consist several high-dimensions features. The process feature selection significant step to obtain least features by eliminating irrelated consequently reduces time. This implemented inside BotDetectorFW two steps; data clustering five distance measure formulas (cosine, dice, driver & kroeber, overlap, pearson correlation) C#, followed selecting best N used as input into four classifier algorithms evaluated machine learning (WEKA); multilayerperceptron, JRip, IBK, random forest. In thoughtful diligent cleaning within preprocessing stage beside normalization, binary its features, adapting based on suitable techniques, finalized testing selected algorithms. All together contributed in satisfying high-performance metrics fewer number (8 minimum) compared outperforms other methods found literature adopted (10 or higher) same Furthermore, results performance evaluation BotDetectorFM shows competitive impact terms accuracy (ACC), precision (Pr), recall (Rc), f-measure (F1) metrics.</span></p>