Indexed in:
Google Scholar Crossref ResearchGate Academia.edu
Cybersecurity Published

ENSEMBLE MACHINE LEARNING-BASED BOTNET DETECTION AND REAL-TIME MITIGATION SYSTEM

Published: April 15, 2026
Authors: Nkechi Oji, Ogochukwu Okeke C., Ike J. Mgbeafulike
Location: Owerri, Imo, Nigeria

Abstract

This study developed an effective botnet detection and management system using machine learning techniques. An ensemble model combining Artificial Neural Network (ANN), Support Vector Machine (SVM), and Decision Tree (DT) algorithms was employed to accurately identify botnet activities. Datasets from the University of Nigeria, Nsukka, and CTU-13 were used, encompassing multiple botnet types and relevant network features. Feature selection and transformation techniques, including analysis of variance (ANOVA) and Principal Component Analysis (PCA), optimized the datasets for model training. A decision-based algorithm was incorporated to isolate infected devices and generate real-time alerts, enhancing network security. Experimental results showed that ANN and SVM achieved high individual accuracies of 0.98, while DT achieved 0.79. The ensemble model outperformed individual classifiers, achieving an accuracy of 0.99, recall of 0.99, and precision of 0.96, demonstrating superior reliability in detecting botnet threats. Comparative evaluation with existing approaches indicated that the proposed system not only delivers high detection rates but also integrates incident response for real-time threat isolation and logging, improving practical cybersecurity performance. In conclusion, the study demonstrates that ensemble machine learning, combined with effective feature engineering and real-time mitigation mechanisms, significantly enhances botnet detection in dynamic network environments. The findings underscore the value of leveraging complementary strengths of multiple classifiers, while future work could focus on detecting emerging botnet variants and further improving model adaptability for evolving cybersecurity challenges.
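
The abstract does not say how the three classifiers' outputs are combined or what rule triggers isolation. The sketch below is an added example, not the authors' code: it assumes a weighted soft vote (weights taken from the per-model accuracies reported above) and a per-host threshold before isolation. The field names, thresholds and sample flows are constructed for illustration.

```python
from collections import defaultdict

# Assumption: weights are the per-model accuracies reported in the abstract.
WEIGHTS = {"ann": 0.98, "svm": 0.98, "dt": 0.79}
FLOW_THRESHOLD = 0.5   # assumed: ensemble score at or above this flags a flow
ISOLATE_AFTER = 2      # assumed: flagged flows per host before isolation

def ensemble_score(probs):
    """Weighted soft vote over the three models' botnet probabilities."""
    total = sum(WEIGHTS.values())
    return sum(WEIGHTS[m] * probs[m] for m in WEIGHTS) / total

def decide(flows):
    """Return (isolated_hosts, event_log) for a batch of scored flows."""
    flagged = defaultdict(int)
    isolated, log = set(), []
    for f in flows:
        score = ensemble_score(f["probs"])
        if score < FLOW_THRESHOLD or f["src"] in isolated:
            continue  # benign flow, or host already cut off
        flagged[f["src"]] += 1
        if flagged[f["src"]] >= ISOLATE_AFTER:
            isolated.add(f["src"])
            log.append(("ISOLATE", f["src"], round(score, 3)))
        else:
            # A single flagged flow only raises an alert, so one false
            # positive does not take a device off the network.
            log.append(("ALERT", f["src"], round(score, 3)))
    return isolated, log

# Constructed sample: per-flow probabilities as the three models might emit them.
SAMPLE_FLOWS = [
    {"src": "10.0.0.5", "probs": {"ann": 0.97, "svm": 0.97, "dt": 0.90}},
    {"src": "10.0.0.9", "probs": {"ann": 0.10, "svm": 0.20, "dt": 0.90}},  # DT-only hit
    {"src": "10.0.0.5", "probs": {"ann": 0.91, "svm": 0.88, "dt": 0.40}},
    {"src": "10.0.0.7", "probs": {"ann": 0.80, "svm": 0.70, "dt": 0.10}},  # one flagged flow
]

if __name__ == "__main__":
    hosts, events = decide(SAMPLE_FLOWS)
    print("isolated:", sorted(hosts))
    for event in events:
        print(event)
```

With the reported precision of 0.96, some flagged flows will be false positives, which is why this sketch alerts on the first hit and isolates only on a repeat.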
