Design And Implementation Of Botnet Detection System Based On Machine Learning

With the rapid development of the Internet,network services bring great convenience to users,but also bring many challenges to the privacy and security of user data.Along with the development of Internet services,the network is full of many malicious attack software,they ceaselessly to implement malicious and illegal activities.One of the famous malwares is botnet malware,which inherits a variety of technologies used by present-day malware.A botnet is a lot machines that is infected by botnet malware.A network of machines infected by botnet malware is called a botnet.However,the traditional rule-based botnet detection method is difficult to identify unknown and hidden malicious attacks from massive data.Therefore,machine learning has become an important defense tool in the face of increasingly complex network attacks.Using machine learning detection method,we don't need domain knowledge about botnet traffic,but only need to learn botnet traffic patterns from existing data.To solve the above problems,this paper proposes a botnet detection system based on machine learning.Botnet detection system is a system for network managers,it can detect whether there is botnet traffic in LAN in real time.The system includes network traffic data collection and storage,machine learning model detection and detection results display platform.Network managers can timely understand the security situation of the local area network under their jurisdiction by monitoring the detection results display platform.This paper designs and implements a botnet detection system based on the thinking of software engineering.Firstly,do demand analysis for the system,identify user roles and business execution processes,clear and definite system demand in terms of function and performance.Secondly,according to the demand analysis,complete the system outline design,determine the system architecture design,divide the system function modules,and give the system interface,database and user interface design.Thirdly,the detailed design of the system is carried out,including the design of machine learning model and the design of each functional module of the data display platform.Then the key implementation code and interface of the system are given.Finally,the system test is carried out to verify whether it meets the needs of users.