Evaluating ML models on CTU-13 and IOT-23 Datasets

A botnet is a collection of compromised computers or other devices that can be used in cyberattacks. Botnets are designed so that they can crash a target's network and inject malware, harvesting of credentials or execute intensive tasks related to CPU. We demonstrate that the classifiers separate malicious bots from the dataset. The classifiers are capable of distinguishing between malicious and benign activities even in larger datasets. The performance of classifier increases as the training datasets increases. Botnets can potentially be used to commit cybercrimes and other destructive actions. The datasets used for this research are CTU 13 and IOT 23 dataset. The researchers have determined many metrics that may be used to detect something at the network level. We have used various Machine Learning Algorithms to detect the bots from the labelled dataset. The implemented algorithms include Decision Tree, Naive Bayes, K-Nearest Neighbors, Logistic Regression, Random Forest, AdaBoost, and SVM. The aim is to decide the best algorithm which can be used for anomaly detection for any user or organization considering parameters such as accuracy and time consumed.