Cybersecurity: BotNet Threat Detection Across the Seven-Layer ISO-OSI Model Using Machine Learning Techniques
keywords: Spoofing, hijacking, SYN flood, DoS, DDoS, cybersecurity threats, ISO-OSI model, machine learning
The seven-layer Open Systems Interconnection (OSI) model has become increasingly important in addressing cybersecurity issues. The rapid growth of network technology has led to a rise in cyber threats, with botnets taking over fixed and mobile computers. The widespread availability of mobile devices has led to increased app consumption, with 60% of Android malware containing major or minor botnets. The ease of accessibility of mobile devices has accelerated the adoption of mobile apps in various use cases. This article aims to identify and reduce botnets in operating systems, focusing on identifying them faster and reducing attack impact. The study analyzes botnet characteristics under controlled conditions and creates four traffic flow components across multiple time ranges. Using machine learning, flow vectors are created to classify internet flows as botnet flows or predicted flows. The method combines a boosted decision tree ensemble classifier, a Naive Bayesian statistical classifier, and an SVM discriminative classifier to accurately identify both well-known and novel botnets, reducing false positives and improving detection accuracy.
reference: Vol. 42, 2023, No. 5, pp. 1060–1090