Files and links (1)
CC BY V4.0, Open Access
Journal article
The evolving threat landscape of botnets: Comprehensive analysis of detection techniques in the age of artificial intelligence
Internet of things (Amsterdam. Online), Vol.33, 101728
2025
Abstract
Botnets represent a significant and evolving cybersecurity threat, leveraging networks of compromised devices for various malicious activities, including data exfiltration (e.g., Truebot malware), credential theft, and distributed denial-of-service (DDoS) attacks. heir increasing sophistication includes advanced evasion techniques such as domain generation algorithms (DGAs), encrypted command-and-control (C&C) channels, and peer-to-peer (P2P) architectures. These innovations pose substantial challenges to conventional detection systems. Existing surveys typically examine isolated detection methodologies or specific datasets, failing to address comprehensively the broader landscape, especially regarding adversarial manipulation of machine learning (ML) and artificial intelligence (AI) feature sets. To address this critical gap, this survey introduces the first systematic adversarial-aware analysis of botnet detection strategies. It specifically evaluates how adversaries exploit ML/AI feature manipulation, such as through noise injection and feature perturbation, to evade detection, a perspective that has not been quantitatively addressed in prior literature. A core contribution is our explicit benchmarking of detection model robustness across four quantitative metrics, faithfulness, monotonicity, sensitivity, and complexity, providing novel insights into the resilience of state-of-the-art models under adversarial conditions. Additionally, we highlight persistent practical challenges including limited dataset diversity and dependence on high-quality labeled data, and propose potential mitigation approaches such as synthetic data generation, federated and semi-supervised learning, and lightweight detection architectures tailored for resource-constrained IoT deployments. Finally, we outline key future research directions emphasizing standardized robustness evaluation frameworks, explainable AI to enhance interpretability and trust, and privacy-preserving collaborative data-sharing mechanisms. By integrating this adversarial-aware perspective with a comprehensive and practical evaluation framework, this work contributes to the field’s understanding of botnet detection and supports the design of more robust and resilient cybersecurity solutions through insights relevant to both researchers and practitioners.
Details
- Title
- The evolving threat landscape of botnets: Comprehensive analysis of detection techniques in the age of artificial intelligence
- Authors/Creators
- Arash Mahboubi - Charles Sturt UniversityKhanh Luong - Queensland University of TechnologyHamed Aboutorab - University of New South Wales, AustraliaHang Thanh Bui - University of New South Wales, AustraliaSeyit Camtepe - Commonwealth Scientific and Industrial Research OrganisationKeyvan Ansari - Murdoch University, College of Science, Technology, Engineering and MathematicsBazara Barry - Cyber Security New South Wales - Digital NSW, Australia
- Publication Details
- Internet of things (Amsterdam. Online), Vol.33, 101728
- Publisher
- Elsevier B.V.
- Identifiers
- 991005807947507891
- Copyright
- © 2025 The Author(s).
- Murdoch Affiliation
- School of Information Technology; Murdoch University; College of Science, Technology, Engineering and Mathematics
- Language
- English
- Resource Type
- Journal article
Metrics
18 Record Views