Machine Learning-Based Botnet Detection in Software-Defined Network: A Systematic Review

Abstract

In recent decades, the internet has grown and changed the world tremendously, and this, in turn, has brought about many cyberattacks. Cybersecurity represents one of the most serious threats to society, and it costs millions of dollars each year. The most significant question remains: Where do these attacks come from? The answer is that botnets provide platforms for cyberattacks. For many organizations, a botnet-assisted attack is a terrifying threat that can cause financial losses and leave global victims in its wake. It is therefore imperative to defend organizations against botnet-assisted attacks. Software defined networking (SDN) has emerged as one of the most promising paradigms for this because it allows exponential increases in the complexity of network management and configuration. SDN has a substantial advantage over traditional approaches with regard to network management because it separates the control plane from network equipment. However, security challenges continue to arise, which raises the need for different types of implementation strategies to spread attack vectors, despite the significant benefits. The main objective of this survey is to assess botnet detection techniques by using systematic reviews and meta-analyses (PRISMA) guidelines. We evaluated various articles published since 2006 in the field of botnet detection, based on machine learning, and from 2015 in the field of SDN. Specifically, we used top-rated journals that featured the highest impact factors. In this paper, we aim to elaborate on several research areas regarding botnet attacks, detection techniques, machine learning, and SDN. We also address current research challenges and propose directions for future research.