Vol. 5 No. 2 (2021)
Articles

Analysis of Network Flow Data for Botnet Detection

Published 2021-06-26

Keywords

  • Botnet traffic, false positive rates, network flow, logistic regression

Abstract

Malware has evolved into a potent weapon, and Internet users now face grave dangers as a result. Botnets are among the most pervasive forms of malicious software, and because botnet malware evolved so quickly, it evaded detection for a long time. In this study, we train machine learning classifiers on a dedicated network flow dataset. The acquired data was then used to test the trained classifiers. Because network flow analysis is independent of packet content, it can detect bots even when attackers conceal them with the most advanced forms of encryption and obfuscation. The results demonstrate that the suggested technique can distinguish between human and bot traffic with a high degree of accuracy and a small number of false positives.