Mathematical Problems in Engineering

Review Article

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

Summary of typical botnet detection techniques based on distributed approach.


Papers	Mechanism	Algorithm/model	Dataset	Advantage	Drawback

[105]	A new botnet defense mechanism was proposed based on honeypot and network-based strategy, MTD, and reinforcement learning technology	MTD; reinforcement learning	Collected data itself	(i) Detect covert botnets (ii) Good elasticity	(i) High time complexity
BotSifter [107]	A BOT detection framework based on SDN, BotSifter, was proposed to distribute the detection tasks across the network edge in Open vSwitch, using centralized learning (deep neural network) and distributed detection	SDN; deep neural network	Collected data itself	(i) Distributed detection (ii) Enhanced robustness	(i) SDN deployment issues
[111]	Blockchain-based consensus mechanism, using lightweight agents installed at multiple IoT locations to collaboratively detect DDoS attacks by IoT device botnets	PoW	Collected data itself	(i) Lightweight agent (ii) Distributed detection	(i) The detection object is relatively single (ii) The cost of blockchain technology