Paper Contents
Abstract
The word "botnet" blends the words "robot" and "network". Botnets are a serious danger to computer network security and stability because they use networked compromised devices to carry out malicious operations such as spam distribution, data exfiltration, and distributed denial-of-service (DDoS) attacks. Because traditional signature-based detection methods cannot keep up with the sophistication of botnet strategies, an increasing number of detection systems are becoming more proactive and adaptive. The present review paper critically examines the use of machine learning (ML) approaches for detecting botnet activity within network traffic.

The paper's first section provides an overview of botnets, emphasizing how they work and the difficulties typical security solutions have in dealing with them. It then delves into the shortcomings of traditional detection techniques and encourages using machine learning as a viable substitute. An extensive review of recent ML-based botnet detection research projects follows, covering a range of ML algorithms, feature extraction methods, and dataset attributes.

The review classifies current methods for machine learning-based botnet identification into three categories: supervised, unsupervised, and semi-supervised learning paradigms. It examines the benefits and drawbacks of every strategy, clarifying elements such as computational efficiency, scalability, and detection accuracy. The review also looks at the variety of features used in botnet traffic analysis, such as deep packet inspection, behavioral analysis, and statistical flow-based features.
Copyright
Copyright © 2025 Minal Dhankar. This is an open access article distributed under the Creative Commons Attribution License.