Proposing the application of a deep learning model to detect the malicious IP address of botnet in the computer network

Abstract— Malware in general and botnets particular are big threats to cybersecurity. They have many sophisticated methods bypass security systems infect computers perform attacks, sabotage, or spying activities. Botnet detection solutions always focused on solved by scientists cybersecurity specialists. The DGA botnet is a group of common families that share the same mechanism needing connect back C&C server via DNS receive commands operate. Many studies propose algorithms for detecting classifying been proposed tested with high results. In this study, we approach using above detect malicious IP addresses malware families. First, evaluate efficiency two deep learning models LA_Bin07 LA_Mul07 new specialized dataset, UTL_DGA22. Next, extended experiment ISCX-Bot-2014 dataset. results show both get accuracy 0.98 0.86 correspondingly. Experimenting reality dataset also gives positive results, helping network administrators localize deeper investigation. solution effective enough be applied as module such firewalls, intrusion detection, prevention unified thread management - UTM.