‏ ‏Using Combination of Independent Component Analysis and Decision Tree ‎algorithm for Botnet detection in IoT Devices

Bot malware and botnet are two widely understood concepts in the cyber security literature. Specifically, a botnet is a geographically dispersed network of infected bots (such as any computing device, including an Internet of Things (IoT) device such as a smart TV, that is compromised by bot malware), which is remotely controlled by a bot. The master is controlled. Such botnets are commonly used to carry out a wide range of malicious cyber activities, from sending spam to launching distributed denial of service (DDoS) attacks to spreading malicious programs (malware) to distributing illegal material (such as child abuse material). In this research, botnet detection systems were investigated and methods to optimize and increase their efficiency in order to identify botnets developed. The chosen method for this work is the combination of independent component analysis and the decision tree algorithm and the single decision tree 15 method, which we discussed with the classification of the data used, i.e., UNSW-NB features, and the 40 dataset contains 15 The chosen method for this work is the combination of independent component analysis and decision tree algorithm and single decision tree 15method, which we discussed with the classification of the data used i.e. UNSW-NB features and the 40 dataset contains 15  Since the UNSW. NB2018and CiCIDS features, we investigated the use of the two approaches in 78 datasets has 2018CiCIDS terms of accuracy, correctness and error criteria. The accuracy obtained for botnet detection according to the approach of combining independent component analysis percent 99.994data set is equal to 15and decision tree algorithm on the UNSW-NB. Also, the amount of RMSE error 99.177 data set is equal to 2018 and on the CiCIDS and on the 0.0076 data set is equal to a small value of 15obtained on the UNSW-NB 0.0076 data set equal to 2018CiCIDS This research focuses on studying and improving robot network detection systems to enhance their identification efficiency. The proposed methodology uses a hybrid approach combining Independent Component Analysis (ICA) and Decision Tree (DT) algorithms, and compares its performance to an independent decision tree model.