Review Article
Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation
Table 4
Summary of typical botnet detection techniques based on swarm intelligence.
| | Papers | Mechanism | Algorithm/model | Dataset | Advantage | Drawback |
| | [95] | A hybrid particle swarm optimization (PSO) and voting system botnet detection method (BD-PSO-V) was proposed | PSO | ISOT | (i) Adaptive flow feature selection method | (i) High time complexity | | PSO algorithm was used for feature selection of network stream data. The voting system was used to identify botnets and classify samples | DDN SVM C4.5 | Bot-IoT [99] | (ii) Detect during the attack phase | | [97] | For Android botnet, a smart adaptive particle swarm optimization support vector machine (SAPSO-SVM) algorithm was used for detection | SAPSO | 28 Standard Android Botnet Dataset (28-SABD) [100] | (i) Automatically extract Android botnet features | (i) High time complexity | | SVM | (ii) High detection accuracy | | [98] | GWO swarm intelligence algorithm was used to optimize the hyperparameters of OCSVM to detect botnet attacks from damaged IoT devices | GWO | N-BaIoT [101] | (i) Deal with heterogeneous IoT devices | (i) IoT devices are increasing rapidly | | OCSVM | (ii) A new unsupervised evolutionary Internet of Things botnet detection method | (ii) Cannot detect unknown botnets |
|
|
