Title: OneR-DQN: a botnet traffic detection model based on deep Q network algorithm in deep reinforcement learning

Authors: Yutao Hu; Yuntao Zhao; Yongxin Feng; Xiangyu Ma

Addresses: School of Information Science and Engineering, Shenyang Ligong University, Shengyang 110870, China ' School of Information Science and Engineering, Shenyang Ligong University, Shengyang 110870, China ' School of Information Science and Engineering, Shenyang Ligong University, Shengyang 110870, China ' School of Information Science and Engineering, Shenyang Ligong University, Shengyang 110870, China

Abstract: With the continuous progress of network technology, the rapid growth of botnets poses a significant challenge to network security. A universal detection model needs to be improved to cope with various datasets with variable feature states. This article constructs a detection model based on deep reinforcement learning (DRL) deep Q network (DQN). It uses a OneR classifier to select features from the dataset and hand them to the model for training. The unique experience pool mechanism of DQN is used to extract independent experience and training samples for cross-training continuously. The trained model compares with the other detection models in a new dataset for experimental comparison. The experiment shows that compared with the existing detection model, the improved DQN botnet detection model has higher accuracy rate and precision rate, which indicates that the detection model equipped with the DQN algorithm has more robust adaptability in the new dataset.

Keywords: botnet detection; deep reinforcement learning; DRL; DQN model; feature classification; OneR classifier.

DOI: 10.1504/IJSN.2024.137334

International Journal of Security and Networks, 2024 Vol.19 No.1, pp.31 - 42

Received: 20 Mar 2023
Accepted: 08 Jun 2023
Published online: 12 Mar 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article