Page 1 of 10 - Cover Page Submission ID trn:oid:::31142:95200423

A Two-Fold Machine Learning Approach to Prevent and Detect

IoT Botnet Attacks - Paper - PLAGARISM.docx
Turnitin

Document Details

Submission ID

trn:oid:::31142:95200423 8 Pages

Submission Date 3,436 Words

May 10, 2025, 3:15 PM GMT+5

19,838 Characters

Download Date

May 10, 2025, 3:16 PM GMT+5

File Name

A Two-Fold Machine Learning Approach to Prevent and Detect IoT Botnet Attacks - Paper - PLA….docx

File Size

366.1 KB

Page 1 of 10 - Cover Page Submission ID trn:oid:::31142:95200423

 Page 2 of 10 - AI Writing Overview Submission ID trn:oid:::31142:95200423

0% detected as AI Caution: Review required.

The percentage indicates the combined amount of likely AI-generated text as It is essential to understand the limitations of AI detection before making decisions
well as likely AI-generated text that was also likely AI-paraphrased. about a student’s work. We encourage you to learn more about Turnitin’s AI detection
capabilities before using the tool.

Detection Groups
0 AI-generated only 0%
Likely AI-generated text from a large-language model.

0 AI-generated text that was AI-paraphrased 0%

Likely AI-generated text that was likely revised using an AI-paraphrase tool
or word spinner.

Disclaimer
Our AI writing assessment is designed to help educators identify text that might be prepared by a generative AI tool. Our AI writing assessment may not always be accurate (it may misidentify
writing that is likely AI generated as AI generated and AI paraphrased or likely AI generated and AI paraphrased writing as only AI generated) so it should not be used as the sole basis for
adverse actions against a student. It takes further scrutiny and human judgment in conjunction with an organization's application of its specific academic policies to determine whether any
academic misconduct has occurred.

Frequently Asked Questions

How should I interpret Turnitin's AI writing percentage and false positives?

The percentage shown in the AI writing report is the amount of qualifying text within the submission that Turnitin’s AI writing
detection model determines was either likely AI-generated text from a large-language model or likely AI-generated text that was
likely revised using an AI-paraphrase tool or word spinner.

False positives (incorrectly flagging human-written text as AI-generated) are a possibility in AI models.

AI detection scores under 20%, which we do not surface in new reports, have a higher likelihood of false positives. To reduce the
likelihood of misinterpretation, no score or highlights are attributed and are indicated with an asterisk in the report (*%).

The AI writing percentage should not be the sole basis to determine whether misconduct has occurred. The reviewer/instructor
should use the percentage as a means to start a formative conversation with their student and/or use it to examine the submitted
assignment in accordance with their school's policies.

What does 'qualifying text' mean?

Our model only processes qualifying text in the form of long-form writing. Long-form writing means individual sentences contained in paragraphs that make up a
longer piece of written work, such as an essay, a dissertation, or an article, etc. Qualifying text that has been determined to be likely AI-generated will be
highlighted in cyan in the submission, and likely AI-generated and then likely AI-paraphrased will be highlighted purple.

Non-qualifying text, such as bullet points, annotated bibliographies, etc., will not be processed and can create disparity between the submission highlights and the
percentage shown.

Page 2 of 10 - AI Writing Overview Submission ID trn:oid:::31142:95200423

 Page 3 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

A Two-Fold Machine Learning Approach to Prevent and Detect

IoT Botnet Attacks

Abstract: Distributed denial of Service (DDOS) attacks are the most common words used to describe the
distributed network attacks. These attacks benefit from some restrictions that apply to the property of each
scheme, including the structure of the authorized organization's website. The author worked with an old KDD
data set for the current study. To determine the current status of the DDOS attacks, the latest dataset must be
used. This study classified and predicts what types of DDO's attacks using machine learning techniques. For this,
random forest and XGBoost classification algorithms were used. A comprehensive function was proposed to
predict DDO's attacks to reach research. Python was used as a simulator for the proposed work, and the UNWS
NP-15 dataset was taken from the GitHub source. We created an illusion matrix to identify the model performance
after using the machine learning model. According to the results, the early classification consisted of Random
Forest algorithm's precision (PR) and recall (RE) and 89%. The average accuracy (AC) for our proposed models
is 89%, which is excellent and adequate. According to the results, XGBoost algorithm's Precision (PR) and Recall
(RE) about 90% in the second classification. The average accuracy (AC) for our proposed model is 90%. Previous
research studies had increased the accuracy of misdiagnosis by comparing our work, which is around 85% and
79%, respectively.

“Index Terms – Distributed Denial of Services (DDoS), Machine Learning, Random Forest, XGBoost, UNSW-
NB-15 dataset”.

1. INTRODUCTION concerns, as it makes these devices main objective

of cyber attacks [5].
By allowing material goods online & interacting,
Internet of Things (IoT) has changed modern number of equipment connected [6] together among

technology, improved human convenience & cyber security threat towards deliver equipment has

changed our daily lives [1], [2]. Smart TV, increased. Distributed Denial service services

wearables, lamps, cameras & toys abide some (DDOS) abuse & botnet -based infiltration abide

examples of smart IoT’s that have quickly become most popular & harmful types of attacks, & their

common in daily life in recent years: [3], [4]. These frequency & scope have increased significantly over

things abide designed towards act independently last ten years [4], [6]. In Botnet attack, attackers

among little help from humans, providing usually detect Internet for receptive IoT devices, &

automation & intelligence in different fields. then install harmful software towards convert them

Nevertheless, most IoT units have inadequate or into robots [7]. Final campaigns including DDOS

security despite their tools [3]. use of standard login attacks, spam & data violations abide later launched

information or hard -coded identification that is using these infected equipment, which is associated

unable towards change users increases serious among a colleague network or central command-
and-control server [6], [8].

Page 3 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 4 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

The devastating capacity of such dangers is best name "Jodose" was created through Hallman et al.
depicted in 2016 among famous Mirai Botnet attack. towards mark this phenomenon, which shows how
Many variations appeared after source code was IoTs abide scattered & coordinated through
published, which facilitates Brede DDO's attack on variation & decentralization of units [15].
well -known platforms such as Jethhab & AWS. [9],
Due towards low resource requirements for IoT
[10] & [11]. problem gets worse through online
units & huge amounts of network data, it is still quite
search engines such as tilt & sensors, which simplify
difficult towards detect real -time such boat network.
unprotected IoT devices [12], [13] for hackers
through using structural properties of unit
towards find. through indexing receptive devices,
communication patterns towards distinguish
these platforms enable wide utilization & increase
between benign & malicious tasks, Guenen et al. IoT
sensitivity of IoT network.
Botnet's [16] presented a unique graph -based
Traditional host-based security measures abide method towards detect. Their approach, which uses
often ineffective due towards internal obstacles graph theory towards check Internet -flow &
towards IoT units, such as their low memory & data identify ideological deviations in bottle activity,
capacity [1]. Rather, more useful security provided showed encouraging results. On other hand,
through network-based identity techniques, such as Hussain et al. through using machine learning
signature, deviations & specification-based techniques designed for traffic patterns found in IoT
approach. In particular, detection of machine Healthcare Network, he proposed a framework for
learning -based nonconformities has been detected a identifying such risks [17].
great ability towards detect unusual traffic patterns,
Intensive learning towards model normal behaviour
open door towards identify Hatharto unknown
& identify deviations, especially when using
threats & change botnet behaviour [6]. Therefore,
Autoencoders is a sophisticated technique that has
sophisticated detection models that can identify &
attracted attention. Midan et al. N-Beaiot, a network-
stop Botnet & DDOS attacks - especially in first
based detection system is presented as a deep
scanning steps - strict needs.
autoencoders towards identify bottle activity
2. RELATED WORK through modelling specific behaviour of IoT tools &
identifying deviations as potential hazards [18].
The current digital environment now has both
This method was scalable in many devices &
capacity & danger due towards widespread use of
increased accuracy of detection.
“Internet of Things (IoT) devices”. increase of
“distributed denial of service (DDOS)” attacks using quality & access towards dataset, as well as design
compromised IoT units is a serious problem. Kolias of detection methods, often prohibits effect of
et al. among emphasis on destructive capacity of intrusion detectionn system (ID). Throughout
Mirai Botnet, which started an extensive DDOS classification & study of IDs, Hind et al. Classes
attack through taking advantage of relaxation dangers of different design methods & networks &
security standards in IoT units [14]. through taking talked about deficiencies of data sets that abide
advantage of growing number of equipment related currently available for IDS model training [19]. He
towards some underlying security measures, these emphasized how important it is towards provide
attacks have become more frequent & sophisticated. extensive, accurate data sets that represent current

Page 4 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 5 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

dangers in IoT system. towards provide fair & structural aspects of network data, their technique
consistent evaluation of different machine learning acquires high recognition accuracy & provides
methods & functional choice strategies, Le June et intensive understanding of malicious activity.
al. An integrated method of assessment was Another complicated method was inserted through
proposed towards detect abuse -based network Yasin et al, who used a frequency-based addiction
filtration. network towards create IoT Botnet prediction
models. This technique provides an active safety
The deviation in detection of log data has been
mechanism through capturing connection between
investigated towards find security weaknesses,
different traffic components & detecting first signals
surveys have been done in recent studies. Using
of botnet creation [25].
built -in techniques, Kim et al. An intrusion model
was created that maintains sequential information In general, signature-based methods for IoT Botnet
from log data, when machine learning algorithm identity have given way for more advanced
allows more accurate deviations identification when strategies that use machine learning, deep learning
used [21]. This approach preserves chronological & graph analysis. Real time detection among low
order of log entries, which provides references data processing is still a basic barrier, especially in
needed towards understand complex multi -stage limited IoT references. Future studies should focus
attacks. Similarly, Alparthi & Morgera presented an on creating scalable, lightweight & adaptable
ID on several levels focusing on wireless sensor detection systems that can work on a variety of IoT
network on Internet of Things domains & models platforms because danger landscape is changing.
through biological immune system. Their model towards achieve strong IoT security, it is necessary
ensures flexibility & scalability through simulating towards combine more detection techniques,
immune responses towards identify avatar at integrate advanced analysis & create a complete
different levels [22]. evaluation framework.

For complex IoT references, deep learning 3. MATERIALS & METHODS

architecture has greatly promised towards improve
Applying state-of-the-art machine learning
accuracy of detection. Basic progress in identity of
algorithms towards recent datasets, intended system
image was made possible through et al. Since work
aims towards enhance identification & classification
on deep remaining learning is revised for use in
of Distributed Denial of Service (DDoS) attacks.
infiltration detection systems towards analyse traffic
approach utilizes UNSW-NB15 dataset, which
behaviour [23]. Discouraging networks is useful for
better characterizes recent network traffic & attack
classifying complex patterns in network data
patterns [19], compared towards existing work
because their ability towards receive intensive
reliant on outdated datasets such as KDD [14].
representations & shield problems is clear on
Employing XGBoost & Random Forest classifiers
problems.
for DDoS prediction, a predictive framework was
Construction of this, Wang et al. Bookmark created, developed in Python. Random Forest classifier
a hybrid model that detects botnet behaviour through handled complicated traffic features well among
combining graph-based & flow-based traffic 89% precision & recall, whereas XGBoost slightly
analysis [24]. through examining temporary & performed better among 90% accuracy. K-Nearest

Page 5 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 6 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

Neighbors, SVM, Logistic Regression, Decision attacks against two laboratory systems in Python
Tree, & Naive Bayes models were also employed & script. Wireshark was used towards record network
evaluated. Also, an ensemble of Voting Classifiers traffic during attacks. Into .pcap files for additional
was employed towards leverage strengths of each exams. For efficient machine learning model
model. outcome showed significant improvement training, this method made it possible towards
over existing methods, among improvements in produce a large & diverse dataset that represents a
accuracy of proposed approach being over 89% & number of DDOs -attack patterns from real world.
90%, as opposed towards 79% & 85% in existing
literature [20]. [21] [25].

“Fig.2 Dataset Collection”

“Fig.1 Architecture”
ii) Data Processing:
A deep learning-based system appears in image
towards identify scanning & DDOS attacks. To ensure that this machine was suitable for learning
Wireshark network scar is used towards collect data analysis, collected DDOS LAB data set went
at beginning of process. data processing creates through a methodological data processing process.
CSV files through removing functions & marking towards remove flow-based information such as
data sets for both DDOS & scan attacks. relevant sources/destination IPs, gates, protocols & package
function is achieved through applying plant statistics, Wireshark-captured .pcap files were
selection techniques (FS-1 & FS-2). model that converted towards CSV format using first
detects separate attacks - probably deeply neural Cicflowmeter application. towards improve quality
networks - these abide fed & trained towards of dataset, fruitless, disabled & unnecessary
identify DDOS & scan attacks respectively. Finally, properties were abolished. towards classify types of
production of network traffic shows a DDO's attack, attacks & spontaneous traffic, label coding was
a scan attack or normal. Parallel pipelines suggest used. Numerical data was standardized using
how different detection processes occur in different functional scaling methods including minimum-
types of attacks. max-normalization. For effective model evaluation
it was divided into more training & tested sets
i) Data Collection: towards clean & organized dataset.

We created DDOS LAB dataset through mimicking iii) Feature Selection:

60 different DDOS attacks, including 57 TCP flag-
based attacks & UDP, ICMP & HTTP flood attacks, To find most relevant properties that strongly help
towards identify DDOS attack [19] [24]. Automatic among identification & classification of DDOS
HPP3 instructions were used towards perform these attacks, plant was chosen. First, fixed correlated &

Page 6 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 7 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

fruitless functions were completed using correlation Vector Machine (SVM) in two groups. towards
analysis. features were then ranked according improve generalization of unknown data, it wants
towards their prognosis value using a wooden-based towards maximize margin between two classes.
functional techniques, such as seen in random forest SVMs abide often used for classification tasks, such
& XGBoost models. In addition, most impressive as Bidirectional science & image classification.
collection of features was repeated using Recursive Lesson & gene expression data abide examples of
Feature Elimination (RFE). This process shrunk high-dimensional regions where there is Excel [19].
overfit, increased model accuracy & functional
A statistical model for binary classification is called
room. proposed classification model was then
logistic regression. This uses a logistic function
trained using final properties selected.
towards estimate possibility that a given entrance is
iv) Training & Testing: of a specific class. For tasks such as risk assessment,
medical diagnosis & spam detection, logistics abide
The DDOS LAB dataset was divided into two
easy towards understand, straight & effective.
subsets for training & test process: 80% for training
Because of efficiency & success of linear
& 20% for testing. This was done according towards
classification problems, it is widely used in many
standard machine learning processes towards
other domains [20].
guarantee a reliable evaluation. training model, such
as random forest, XGBoost & others, was mounted towards make decisions based on functional values,
for diversity. model was trained towards identify & decision tree produces a model that looks like a tree.
distinguish trends between a number of DDOs A convenience -based decision is represented among
attacks. performance of model was evaluated using each node, while potential results abide represented
remaining 20% data, which was set separately for through branches. It is often used in classification &
testing. In order towards evaluate success of regression applications & is easy towards
classification, F1 score, recall, accuracy & accuracy understand. Due towards its simplicity & clarity,
was calculated. decision trees abide used in industries such as
consumer department, health care & finance [19].
v) Algorithms:
A non-parametric, slow learning method for
Based on theorem, which facilitates freedom, naive
classification & regression problems is called K-
Bayes classification is likely. It chooses square
Nearest Neighbors (KNN). data is classified
among highest probability after calculating this
according towards majority class in functional room
possibility that a sample is of each square. Due
of function room. Simple simplicity, effect &
towards use & simple efficiency, this method is
implementation of KNN makes it a popular choice
often used towards explore text classification &
for pattern recognition & recommended systems. It
spam. In many real world applications where
can endure ineffective among gigantic datasets, but
freedom perception cannot endure made, Bole
it works well among little dataset [20].
Baye's surprisingly performs well despite view of
freedom [20]. In order towards increase accuracy, voting classifier
integrates predictions from several machine learning
support determines best hyperplane towards divide
models. average of production from majority votes
a monitored learning system data called Support
or different base classifications is used towards

Page 7 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 8 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

determine which class is assigned. When a single ResNetScan-1 & ResNetDDoS-1 models were then
model cannot work well, a cloth approach increases evaluated using test set among several data sets that
flexibility & often uses. Voting classifies is often were not used for training. According towards
used towards improve model generalization & experimental results, when evaluated on datasets
reliability in classification problems [19]. that abide not used for training, all Res Net Scan &
Res Net DDOS models—aside from suggested
4. RESULTS & DISCUSSION
ResNetScan-1 & ResNetDDoS-1 model. In
addition, practical results showed that suggested
recanescan-1 & recanetdos-1 model performed
better & better than any other model towards detect
DDOS & scan attacks. Consequently, IoT is
effective & reliable towards prevent & identify IoT
Botnet attacks among a wide range of patterns of
proposed double strategy attack.
“Fig.3 Output Screen”
Only thirty -three scanning types & sixty DDOS
attacks abide included in current experiment.
towards train proposed structure properly towards
prevent & detect IoT Botnet & DDOS attacks, we
intend towards cover function of more scanning &
DDO's attacks in future. In addition, we can use a
two -dimensional strategy proposed in an IDS
towards check effectiveness of network traffic in
real time.
“Fig.4 Result for Malware URL Detection”
REFERENCES
5. CONCLUSION
[1] I. Ali, A. I. A. Ahmed, A. Almogren, M. A. Raza,
In this study, we proposed a double machine
S. A. Shah, A. Khan, & A. Gani, ``Systematic
learning strategy towards prevent & identify IoT
literature review on IoT-based botnet attack,'' IEEE
bottle attacks. towards detect attack, we trained a
Access, vol. 8, pp. 212220_212232, 2020.
state -Ar -art deep learning model, Rachanet -18, &
called it recanescan -1 model in first fold. In second [2] S. Ghazanfar, F. Hussain, A. U. Rehman, U. U.
fold, if scanning detection model is unable towards Fayyaz, F. Shahzad, & G. A. Shah, ``IoT-Flock: An
stop BOTT time attack, we trained a second recanet- open-source framework for IoT traf_c generation,''
18 model (called Resnetdos-1 model) towards in Proc. Int. Conf. Emerg. Trends Smart Technol.
identify DDOS attack. We did some experiments (ICETST), Mar. 2020, pp. 1_6.
towards confirm efficiency of recommended
recanescan-1 & recanetdos-1 model. We used scans [3] M. Safaei Pour, A. Mangino, K. Friday, M.

& DDOS traffic samples from three publicly Rathbun, E. Bou-Harb, F. Iqbal, S. Samtani, J.

available datasets towards train ResNet-18 model Crichigno, & N. Ghani, ``On data-driven curation,

(called ResNetDDoS-1 model). resulting learning, & analysis for inferring evolving Internet-

Page 8 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 9 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

of-Things (IoT) botnets in wild,'' Comput. Secur., https://www.zdnet.com/article/awssaid-it-

vol. 91, Apr. 2020, Art. no. 101707. mitigated-a-2-3-tbps-ddos-attack-the-largest-ever/

[4] F. Hussain, S. G. Abbas, M. Husnain, U. U. [12] Shodan. Accessed: May 3, 2021. [Online].
Fayyaz, F. Shahzad, & G. A. Shah, ``IoT DoS & Available: https://www. shodan.io/
DDoS attack detection using ResNet,'' in Proc. IEEE
[13] Censys. Accessed: May 3, 2021. [Online].
23rd Int. Multitopic Conf. (INMIC), Nov. 2020, pp.
Available: https://censys.io/ [14] C. Kolias, G.
1_6.
Kambourakis, A. Stavrou, & J. Voas, ``DDoS in
[5] S. Dange & M. Chatterjee, ``IoT botnet: largest IoT: Mirai & other botnets,'' Computer, vol. 50, no.
threat towards IoT network,'' in Data 7, pp. 80_84, 2017.
Communication & Networks. Singapore: Springer,
[15] R. Hallman, J. Bryan, G. Palavicini, J. Divita,
2020, pp. 137_157.
& J. Romero-Mariona, ``IoDDoS_The internet of
[6] F. Hussain, S. G. Abbas, U. U. Fayyaz, G. A. distributed denial of sevice attacks,'' in Proc. 2nd Int.
Shah, A. Toqeer, & A. Ali, “Towards a universal Conf. Internet Things, Big Data Secur. Setúbal,
features set for IoT botnet attacks detection,'' in Portugal: SciTePress, 2017, pp. 47_58.
Proc. IEEE 23rd Int. Multitopic Conf. (INMIC),
[16] H.-T. Nguyen, Q.-D. Ngo, & V.-H. Le, ``A
Nov. 2020, pp. 1_6.
novel graph-based approach for IoT botnet
[7] A. O. Proko_ev, Y. S. Smirnova, & V. A. Surov, detection,'' Int. J. Inf. Secur., vol. 19, no. 5, pp.
``A method towards detect Internet of Things 567_577, Oct. 2020.
botnets,'' in Proc. IEEE Conf. Russian Young Res.
[17] F. Hussain, S. G. Abbas, G. A. Shah, I. M. Pires,
Electr. Electron. Eng. (EIConRus), Jan. 2018, pp.
U. U. Fayyaz, F. Shahzad, N. M. Garcia, & E.
105_108.
Zdravevski, ``A framework for malicious traf_c
[8] B. K. Dedeturk & B. Akay, ``Spam _ltering detection in IoT healthcare environment,'' Sensors,
using a logistic regression model trained through an vol. 21, no. 9, p. 3025, Apr. 2021.
arti_cial bee colony algorithm,'' Appl. Soft Comput.,
[18] Y. Meidan, M. Bohadana, Y. Mathov, Y.
vol. 91, Jun. 2020, Art. no. 106229.
Mirsky, A. Shabtai, D. Breitenbacher, & Y. Elovici,
[9] N. Vlajic & D. Zhou, ``IoT as a land of ``N-BaIoT_Network-based detection
opportunity for DDoS hackers,'' Computer, vol. 51,
of IoT botnet attacks using deep autoencoders,''
no. 7, pp. 26_34, 2018.
IEEE Pervasive Comput., vol. 17, no. 3, pp. 12_22,
[10] GitHub Survived Biggest DDoS Attack Ever Jul./Sep. 2018.
Recorded. Accessed: May 3, 2021. [Online].
[19] H. Hindy, D. Brosset, E. Bayne, A. Seeam, C.
Available: https://github.blog/2018-03-01-
Tachtatzis, R. Atkinson, & X. Bellekens, ``A
ddosincident- report/
taxonomy & survey of intrusion detection system
[11] AWS Said it Mitigated a 2.3 Tbps DDoS design techniques, network threats & datasets,''
Attack, Largest Ever. Accessed: May 3, 2021. 2018, arXiv:1806.03517.
[Online]. Available:

Page 9 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

 Page 10 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423

[20] L. Le Jeune, T. Goedemé, & N. Mentens,

``Machine learning for misuse-based network
intrusion detection: Overview, uni_ed evaluation &
feature choice comparison framework,'' IEEE
Access, vol. 9, pp. 63995_64015, 2021.

[21] C. Kim, M. Jang, S. Seo, K. Park, & P. Kang,

``Intrusion detection based on sequential
information preserving log embedding methods &
anomaly detection algorithms,'' IEEE Access, vol. 9,
pp. 58088_58101, 2021.

[22] V. T. Alaparthy & S. D. Morgera, ``A multi-

level intrusion detection system for wireless sensor
networks based on immune theory,'' IEEE Access,
vol. 6, pp. 47364_47373, 2018.

[23] K. He, X. Zhang, S. Ren, & J. Sun, ``Deep

residual learning for image recognition,'' in Proc.
IEEE Conf. Comput. Vis. Pattern Recognit.
(CVPR), Jun. 2016, pp. 770_778.

[24] W. Wang, Y. Shang, Y. He, Y. Li, & J. Liu,

``BotMark: Automated botnet detection among
hybrid analysis of _ow-based & graph-based traf_c
behaviors,'' Inf. Sci., vol. 511, no. 2, pp. 284_296,
Feb. 2020.

[25] W. Yassin, R. Abdullah, M. F. Abdollah, Z.

Mas'ud, & F. A. Bakhari, ``An IoT botnet prediction
model using frequency based dependency graph:
Proof-of-concept,'' in Proc. 7th Int. Conf. Inf.
Technol., IoT Smart City, Dec. 2019, pp. 344_352.

Page 10 of 10 - AI Writing Submission Submission ID trn:oid:::31142:95200423