Document Details

Document Type : Thesis 
Document Title :
Botnet Mitigation based on Machine Learning in Software Defined Networks
الحد من هجمات الروبوتات باستخدام تعليم الآله في الشبكات المعرفة بالبرمجيات
 
Subject : Faculty of Computing and Information Technology 
Document Language : Arabic 
Abstract : Over the past decade, the internet has grown and changed the world tremendously, which has caused significant growth in cyber attacks. Cybersecurity represents one of the most serious threats to society and costs millions of dollars each year. Botnets are responsible for most internet attacks on conventional networks and have become the main concern and one of the biggest threats to software-defined networking (SDN). SDN is a new networking technology that makes networks easier to program by separating the data plane from the control plane. This makes the control plane independent and centralized for network control. Several methods have been proposed to detect and mitigate botnet attacks in SDN, but the challenges still exist. These methods of botnet detection based on NetFlow traffic features rely on computing statistical features of flow traffic and avoid detection in different ways. The aim of this thesis is to propose a secure system that efficiently detects botnet attacks and automatically mitigates them in the SDN. The secure system employs two phases: the first phase is the graph-based bot detection classification model called BotSword, and the second phase is validating the trained BotSword model in the SDN environment while maintaining high performance, bandwidth improvement, and low processing overhead, as well as automatically blocking all infected hosts to minimize the number of infected hosts and the amount of network damage. The proposed BotSword model showed excellent performance metrics (accuracy, recall, precision, and F1-score) of over 99% and a low FPR of 0.002% when evaluated on the CTU-13 dataset. After validation in the SDN environment, our model showed the same excellent performance in all metrics with over 99%, a low FPR of 0.009%, improvement in bandwidth utilization of around 90%, and minor CPU utilization overhead. This enhancement is possible because our system detects bots and prevents them from communicating with other hosts.
Key Word: Cybersecurity, Botnet, software-defined networking (SDN), Graph features, Machine Learning
Supervisor : Dr. Khalid Alsubhi 
Thesis Type : Doctorate Thesis 
Publishing Year : 1444 AH / 2022 AD
Co-Supervisor : Prof. Ahmed Alzahrani 
Added Date : Monday, February 27, 2023 

Researchers

Researcher Name (Arabic) | Researcher Name (English) | Researcher Type | Dr Grade | Email
خلود شينان الشهري | Alshehri, Kholoud Shinan | Researcher | Doctorate |

Files

File Name | Type | Description
49021.pdf | pdf |