Research Article
Botnet Forensic Analysis Using Machine Learning
| Step | Description |
| --- | --- |
| Input: | D: dataset; tnd: training data; tsd: testing data point; cl: class label; f: feature; M: model |
| Output: | |
| (1) | Obtaining tnd (tnd1 + tnd2 + … + tndn) and tsd (tsd1 + tsd2 + … + tsdn) from D |
| (2) | Extracting f from tnd and tsd of D |
| (3) | Segregation on Normal and Botnet traffic |
| (4) | If no cl on botnet traffic then |
| (5) | Providing cl elseif |
| (6) | Goto next step |
| (7) | Frame M, test each M on cl data on tnd and tsd and obtain its accuracy |
| (8) | Test M1 from knn, DT and svm |
| (9) | Test ensemble M2 from multiple combinations |
| (10) | Compare step 8 and step 9 |
| (11) | M ⟵ best from M1 & M2 models based on accuracy |
| (12) | Predict the cl |
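Steps 7 to 12 of the algorithm above, sketched with scikit-learn as an added example that is not the article's own code. The flow features (duration, packet count, bytes per packet), the synthetic data, the hyperparameters and the use of hard majority voting for the M2 ensembles are all assumptions made for illustration.

```python
import numpy as np
from itertools import combinations
from sklearn.ensemble import VotingClassifier
from sklearn.metrics import accuracy_score
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import SVC
from sklearn.tree import DecisionTreeClassifier


def make_flows(n=400, seed=0):
    """Constructed D: rows are [duration_s, packets, bytes_per_packet]; cl 1 = botnet."""
    rng = np.random.default_rng(seed)
    normal = np.column_stack([rng.gamma(2.0, 15.0, n), rng.poisson(40, n), rng.normal(600, 150, n)])
    botnet = np.column_stack([rng.gamma(2.0, 2.0, n), rng.poisson(6, n), rng.normal(90, 25, n)])
    return np.vstack([normal, botnet]), np.array([0] * n + [1] * n)


def candidates():
    """M1: single kNN / DT / SVM models. M2: every 2- and 3-member voting ensemble."""
    m1 = {
        "knn": make_pipeline(StandardScaler(), KNeighborsClassifier(n_neighbors=5)),
        "dt": DecisionTreeClassifier(max_depth=5, random_state=0),
        "svm": make_pipeline(StandardScaler(), SVC(kernel="rbf")),
    }
    # Hard voting; a tie in a two-member ensemble resolves to the lower label (normal).
    m2 = {"+".join(c): VotingClassifier([(n, m1[n]) for n in c], voting="hard")
          for r in (2, 3) for c in combinations(m1, r)}
    return {**m1, **m2}


def select_best(X, y, seed=0):
    """Split D into tnd/tsd, score every candidate on tsd, return the most accurate."""
    X_tnd, X_tsd, y_tnd, y_tsd = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    models, scores = candidates(), {}
    for name, model in models.items():
        model.fit(X_tnd, y_tnd)
        scores[name] = accuracy_score(y_tsd, model.predict(X_tsd))
    best = max(scores, key=scores.get)  # step 11: M <- best of M1 and M2
    return best, scores, models[best]   # step 12: use the returned model to predict cl
```

Accuracy alone can mislead when botnet flows are a small fraction of the capture, so on real traffic it is worth checking per-class recall alongside the score used here.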