Ensemble Learning for Detecting Remote Access Trojans
Abstract— Machine learning algorithms for network traffic classificat ion has been researched for several years. They are useful for both encrypted and unencrypted network traffic classification. Nowadays malicious malware like Remote Access Trojans go through network, and they are secretly installed in a victim’s computer, they stay in the victim host and communicate back to the attacker. The command and control traffic of Remote Access Trojans can be differentiated from normal traffic using machine learning based techniques. This paper compares the performance of nine supervised machine learning algorithms for detection of Remote Access Trojans . Both unbalanced and balanced dataset are applied for building model. Four ensemble learning methods give high detection rate. Among them, AdaBoost ensemble learning outperforms th
Index Terms— machine learning algorithms, Remote Access Trojans, AdaBoost algorithm
Khin Swe Yin, May Aye Khine
Faculty of Computing, University of Computer Studies, MYANMAR
Cite: Khin Swe Yin, May Aye Khine, "Ensemble Learning for Detecting Remote Access Trojans," Proceedings of 2019 the 9th International Workshop on Computer Science and Engineering WCSE_2019_SPRING, pp. 42-47, Yangon, Myanmar, February 27-March 1, 2019.