2022 Iraqi International Conference on Communication & Information Technologies ( IICCIT-2022) , Basrah University ,
Basrah , Iraq
Botnet Mobile Detection Using Machine &
Deep Learning Techniques
2022 Iraqi International Conference on Communication and Information Technologies (IICCIT) | 978-1-6654-7220-3/22/$31.00 ©2022 IEEE | DOI: 10.1109/IICCIT55816.2022.10010653
Mustafa Al-farttoosi
Computer and electrical engineering
Altinbas university
Istanbul, turkey
[email protected]
Abstract— In this study, we discuss the most dangerous and
most widespread attacks, namely botnets. We will also discuss
the bot attack mechanism and introduce methods using
machine learning (ML) and deep learning techniques to detect
attacks entered by SMS or malware. This study investigates
the application of several methods based on ML, including
logistic regression, random forest, and deep neural networks. A
deep learning algorithm was applied to artificial neural
networks (ANN) in more than one way. Datasets were divided
into two halves to obtain more accurate results than classical
learning. Special preprocessing of datasets was applied to
improve the performance of classification algorithms. The
obtained accuracy from deep learning was encouraging. A
result of 99.79% was obtained for the SMS attacks and 98.48%
for the malware attacks.
Keywords—Botnet, Deep learning, Ham, Machine learning,
Malware, Spam.
I. INTRODUCTION
The next mobile generation (5G) will include many
innovative technologies, such as device 2 device communication
(D2D), machine 2 machine communication, massive MIMO,
autonomous vehicle, software-defined network (SDN) and
virtual function network. This development will lead to an
increase in the number of users and user equipment (UE) and
IoT machines. It is predicted to reach 1.5 billion subscribers
for eMBB by the end of 2024, according to the Ericson
mobility report [1]; 5G will connect approximately 7 trillion
wireless devices or things, shrink the average rate of services
creation from 90 hours to 90 minutes [2]. 5G is the first mobile
technology designed to meet the requirement of connected
devices for health, industrial applications, transportation,
banking, and many other IoT uses cases. However, that will
increase the potential security challenges, safety issues, and
cyber attacks since already most of the user equipment
devices have an open system that makes these devices a
potential and tempting target for hackers, especially IoT
devices, which are considered vulnerable to cyber attacks. In
general, the following could be the main reason that makes
IoT devices and UE vulnerable to hacking, such as [3]:
• Lack of encryption or poor encryption
• Default password
• Poor support
• Lack of user awareness
978-1-6654-7220-3/22/$31.00 ©2022 IEEE
Authorized licensed use limited to: ULAKBIM UASL - Altinbas Universitesi. Downloaded on January 14,2023 at 09:28:52 UTC from IEEE Xplore. Restrictions apply.
Hasan Abdulkader
Dept. of Electrical and Computer
Engineering (ECE)
Altinbas University
Istanbul, turkey
[email protected]
Among the potential malicious attack, the most powerful
one is the botnet attack. Kaspersky lab reported in 2016 that
botnet-assisted DDoS attacks present 78.9 percent of all
detected attacks [4]. In the future, Internet of things (IoT)
devices and UE may play the main role in health, industrial,
banking services, and other vital fields, so any threat
exposed to these devices will be a big problem for
institutions and factories.
In establishments that use these devices, for the mobile
devices, the attacker may steal sensitive confidential or
private information or credential and financial information
using botnet attacks that aim to create a distributed denial
of service (DDoS). Similar to the botnet in legacy, mobile
network future botnet will be for 5G network.
TABLE I. TYPES OF A BOTNET ATTACK
Attack Impact of Attack
Preventing a single system from servicing legitimate
DDoS
request
Active advertising of a commercial offering without
Adware the user’s permission or awareness
Sending information to the botmaster about a
victim’s activity such as credit card number,
spyware passwords, and other information that can be sold
onthe black market
Flooding people with emails disguised as messages
Email spam
from people but containing malicious links
Networks of many UE (mobile or IoT) are under the
control of malicious actor called bot master that periodically
gives orders as a centralized 5G mobile botnet where the
compromised devices will be controlled through central
command and control (C&C) server[5], the bot master will
be responsible for choosing the mobile devices that will be
compromised by malware and turned into bots. This, in turn,
will be a bot proxy server which is considered a mean of
communication between the bot master and other slave bots.
Also, the bot device will always receive requests from the bot
master for a specific duration of time. These attacks will form
a very big network of malicious devices with unstable
topology because of user equipment movement from one
macro cell to another.
82
 2022 Iraqi International Conference on Communication & Information Technologies ( IICCIT-2022) , Basrah University ,
Basrah , Iraq
Fig. 1. Centralized 5G Botnet.
A. Datasets
Our study covered two datasets. The first dataset was a
collection of SMSs containing clean SMS and malicious
SMS, while the second dataset was a grouped data of clean
and malicious software. Over this, our datasets were
separated into two types according to the classification of the
botnet attack on the mobile phone, which would be the focus
of our investigation. These categories were SMS and
malware, and their respective tables contained information
regarding whether or not an attack was classified as a botnet.
The SMS dataset and the malware dataset were chosen from
the repository because most of the programs that were
included in the database are programs that were installed on
the computer and received using mobile devices, as well as
their application, some of which are harmful and some of
which are useful. These datasets were used by many
researchers to conduct tests using machine learning (ML)
techniques and deep learning techniques to train these
datasets, whereas the SMS dataset consisted of the message
content and the message classification that included spam or
ham, which were represented by bivariate variables, the
dataset of malware, which contained 54 features, was made
up of classes of applications and their content forming a
multivariate dataset.
SMS dataset consisted of 5,574 text messages from the
UCI Machine Learning repository registered in 2012 [6] [7].
A subset of 3,375 randomly selected non-spam (ham) SMS
messages from the NUS SMS Corpus was included, as were
425 manually extracted spam messages from the
Grumbletext website (a UK community where mobile
phone users made public allegations about spam).
As the malware attacks, a dataset is concerned, it was
also provided with the collection and identification of benign
and malware files. Malware samples were obtained from
several trusted websites, which include VirusTotal and
Kaggle [8]. The latter dataset used in this study collected
138,047 samples with 41,323 normal samples and 96,724
malware samples.
B. Algorithms
According to a broad definition of artificial intelligence
(AI), the term refers to a specific approach that allows
computers to imitate human behavior and duplicate or excel
83
Authorized licensed use limited to: ULAKBIM UASL - Altinbas Universitesi. Downloaded on January 14,2023 at 09:28:52 UTC from IEEE Xplore. Restrictions apply.
over human decision-making to accomplish complicated
tasks independently or with minimum human participation
[9]. As a result, it is concerned with a wide range of
fundamental issues, including the representation of
information, reasoning, learning, planning, perception, and
communication. It relates to a wide range of algorithms and
procedures.
Handcrafted feature engineering is no match for the
power of deep neural networks. Using their innovative
architecture, they can extract discriminative feature
representations using minimum human effort. Because of
this, deep learning (DL) is better able to deal with huge,
noisy, and unstructured datasets than other approaches.
Features are often learned hierarchically, starting with basic
ones and building up to more complex features. However,
there are several strategies for learning features in
combination with the phase of developing a model
depending on the kind of data and the choice of deep neural
network architecture.
The term “machine learning” refers to the process by
which computers learn from the data they are given using
certain algorithms to complete a job without being
specifically programmed. DL is a kind of ML that employs
kind of complicated deep neural network structures
fashioned after the human brain and provided with specific
algorithms to learn even deep layers. The processing of
unstructured data, such as documents, photos, and text, is
made possible as a result of its impressive capability.
Applications like checking messages, software, or any of
the currently popular issues were solved using ML. In
general, ML implies that a computer program's performance
increases its accuracy over time for a certain set of tasks and
performance measurements [10]. The goal is to automate the
process of creating analytical models to carry out cognitive
tasks like image classification, object identification, or
natural language translation.
II. LITERATURE REVIEW
The topic of malware detection and SMS spam detection
has attracted many interests since it touches all users of IT
especially mobile compliances.
Spam detection using ML and DL algorithms is a
statistical adaptive learning model. For SMS spam
classification, many researchers have used ML approaches in
the past (more references [11-15]). M. Rubin Julis et al. [11]
used a support vector machine to attain a 97% accuracy rate
with multiple ML classifiers. Also, support vector machines
provided the best accuracy of 97.3% among a variety of ML
methods given by Pavas Navaney[12]. Nilam Nur Amir
Sjarif et al. [13] used random forest classifiers to reach
97.5% accuracy when used with the TF-IDF approach.
Inverse Document Frequency (IDF) is constant per corpus
and accounts for the ratio of documents that include that
specific “term,” and Term Frequency (TF) is the frequency
of any “term” in a given “document,” so these are two
methods used to quantify the words in a document. For the
identification of SMS spam, Tian Xia et al. [14] suggested
the Hidden Markov Model. As a result of including
information regarding word order, their model was able to
address problems with low short-term frequency. Their
proposed HMM model has a 98% accuracy rate. Sheikh [15]
 2022 Iraqi International Conference on Communication & Information Technologies ( IICCIT-2022) , Basrah University ,
Basrah , Iraq
advocated using feature selection and the Neural Network
model for SMS spam identification and got an excellent
accuracy rate of nearly 98%.
There are a few other studies on malware detection using
ML. In [16] “A Multi-Dimensional Machine Learning
Approach to Predict Sophisticated Malware” focused on
predicting the advanced malware that is comparable to
Stuxnet by employing four separate aspects of the
Regression algorithm. Random Forest Regression and Linear
and Polynomial Regression are included in the features.
Linear and polynomial regression are inefficient with four
algorithms, but random forest regression delivers superior
predictions with additional data, according to the findings of
his study.
In [17], “Machine Learning Aided Android Malware
Classification” has conducted research towards finding and
classifying malware in mobile apps using ML. It was shown
that the permission-based technique could distinguish
between malware and goodware in 89% of situations, while
the source code analysis classification of performance was
above 95%. SVM had a 95.1% accuracy rate, while
ensemble learning had a 95.6% accuracy rate.
Hemalatha and Selvabrunda [18] have suggested ML
classifiers to identify the previous portable malware, with the
mixed kernel function unique to support vector machines and
selected fundamental information, such as data content time
and order utilizing various network-based functions.
MalGenome's dataset is used in the calculation. In this case,
the implementation was based on a mixed kernel function
using SVM, which yielded an accuracy of 96.89% when
compared to previous models.
Furthermore, Cuan Bonan's study showed how they
employed ML approaches to identify hazardous PDF
activities. First and foremost, the SVM classifier was built up
and capable of detecting 99.7% of the malware. Although a
malicious file has easily fooled the classifier, the classifier
was cleaned by forging the data. According to a report, they
have successfully used a gradient-descent assault to thwart
the SVM algorithm [19].
III. METHODOLOGY
A. Dataset modification
Due to the restriction of our topic to the mobile botnet,
two datasets were chosen. The first one was the SMS which
consisted of spam and ham messages. For each message, the
dataset attributed two fields, a field for describing the
message and a message field. The total number of messages
in the dataset was 5,574 messages. Concerning the second
dataset, the MALWARE, which contained 138,047
applications, had 54 features, such as “Size of Optional
Header, Address of Entry Point, Major Linker Version,
Minor Linker Version and Size of Code. ” Besides the
features, the dataset attributed a description of the application
as “legitimate,” which could be True/False. Thus, the
program was developed on the platform “Google Colab”
using Python and specialized libraries, such as scikit-learn
and pandas. After that, we used the program to analyze the
data and associated manipulation of tabular data in
DataFrames. Pandas allow importing data from various file
84
Authorized licensed use limited to: ULAKBIM UASL - Altinbas Universitesi. Downloaded on January 14,2023 at 09:28:52 UTC from IEEE Xplore. Restrictions apply.
formats, such as comma-separated-values, JSON, Parquet,
SQL database tables or queries, and Microsoft Excel. In that
case, our data were described as "CSV" file. In the following,
we will explain how we use it in detail.
a) SMS: We discovered that the SMS dataset was not
evenly distributed. Unbalanced data sets were common, and
the problem arose when ML algorithms tried to find these
unusual situations in huge datasets where results were few.
Since classes had different memberships, the method
preferred sorting in the class with the most cases, the
majority class, while still presenting the illusion of a high-
fidelity model. The minority class, least present in the
dataset, would not participate enough in the learning
process, and misleading accuracy was thrown out of the
prediction models we built because of their unpredictable
nature. A data set was generated from two categories of data
using the oversampling method to the spam when the
transaction was fraudulent and inspiring due to its low
value. The proportion of ham was much higher than spam,
so the sampling method was used to overcome this problem,
which was used to intensify the samples from the minority
and add duplicates of ML from the minority class to become
an over-sampled dataset.
b) Malware: Initially, we faced difficulty in training
the data due to the small number of valid programs, totaling
41,323 samples, compared to the number of malware
programs, which numbered 96,724 samples, which means
the difference between malware and legit apps is about
55,401 samples, and it is a very huge difference. By splitting
the datasets into two sub-datasets, we realized that one of
the models outperformed the other widely. We suggested
applying the method “df.sample()” for shuffling the data and
implementing the method “df.reset_index()” that was
proven to work effectively and here was how to write the
equation representing:
“malData.sample(frac=1).reset_index(drop=True)”
To make the data more balanced even after splitting the
data into two halves, and as part of preparing the data for
ML, we normalized the malware dataset using Python’s
function “lambda:”
“X_Data1.apply(lambda x: (x - x.min(axis=0)) / (x.max(axis=0) -
x.min(axis=0)))”
The objective of normalization was to let the values of
the features range between (0 and 1) according to the
following equation:
()
The idea of dividing the dataset into two halves was
proposed, and algorithms were trained, which allowed later
to find more accurate results. Then, the accuracy measures
were averaged to obtain a single value of accuracy.
 2022 Iraqi International Conference on Communication & Information Technologies ( IICCIT-2022) , Basrah University ,
Basrah , Iraq
Fig. 2. Oversampling Dataset technology.
The entire work was based on SK-Learn, for SMS, so we
split the two datasets with an average of 70% of the training
data (1950 for both halves) and 3900, 30% of the test data
(837 for both halves) and 1,674. On the other hand, the
malware dataset was also split into two datasets with an
average of 80% of the training data (55219 for the first half
and 55218 for the second half) which the total is 110437,
20% of the test data (13805 for the first half and 13805 for
the second half) which the total is 27610.
After that, we applied these datasets to the three
algorithms (Random Forest, Linear Regression, and
Artificial Neural Network) and trained the models with
datasets before and after oversampling.
• Random forest: it should select random samples from
a given dataset, construct a decision tree for each
sample and get a prediction result from each decision
tree. After that, it performs a vote for each predicted
result, and lastly, selects the prediction result ‘Spam
or Ham’ in the SMS datasets and ‘Legit or non Legit
apps’ in the malware dataset with the most votes as
the final prediction.
• Logistic Regression: a classification algorithm that is
used to predict the probability of a categorical
dependency of samples. Thus, the dependent variable
here is the spam and ham messages, like a binary
variable that contains data coded as 1 (spam,
malware) and 0 (ham, legit).
• Artificial neural network: for the ANN model we
used the Keras library. We firstly utilized a batch size
of 32 for the whole dataset, then the epoch was
adjusted to 100 and replaced “Spam & Ham” &
“malware & legit” terms into ‘1 & 0.’ The ANN used
in “SMS” has a total of “4” layers: one input layer-
“2” hidden layers- and 1 output layer and used 31393
trainable parameters. While in “Malware,” the
number of layers was “5”: one input layer-“3” hidden
layers- and one output layer, and used 1057 trainable
parameters.
Lastly, Lastly, we compare the performance of models
based on measures, such as “Sensitivity and Cohen’s Kappa
(for SMS Dataset),” “f1-score (for Malware Dataset), and
Accuracy for both datasets.” To this end, we compute the
predictions of the ‘testing inputs’ and compare them to the
actual ‘testing outputs.’
85
Authorized licensed use limited to: ULAKBIM UASL - Altinbas Universitesi. Downloaded on January 14,2023 at 09:28:52 UTC from IEEE Xplore. Restrictions apply.
Cohen's kappa (κ) is a statistic that measures reliability
among commentators for qualitative (categorical) items. It is
a more powerful measure than simple percentage agreement
calculations because it considers the possibility of an
agreement occurring by chance. It is a dual reliability
measure between two annotations.
Cohen's kappa statistic is the agreement between two
raters, where Po is the observed relative agreement between
the raters (congruent with accuracy), and Pe is the
hypothetical probability of chance agreement. You find the
equation for the scale below.
()
The sensitivity for the SMS dataset determines the ratio
between how many were correctly identified as positive to
how many were positive. In other words, Sensitivity
measures how various sources of uncertainty in a
mathematical model contribute to the model's overall
uncertainty, and the equation below describes the scale of
sensitivity:
()
The F1-score (for the malware dataset) is used to
compare ML algorithms and represent a statistical measure
to rate performances and the quality of that model, so it can
be calculated as the equation below:
()
Where Precision is correct positive predictions relative to
total positive predictions and Recall is correct positive
predictions relative to total actual positives
Where the components of the confusion matrix of 4 cells
given by the sequence “TP, FP, FN, TN”, “TP” represents
“true positive,” which indicates the number of positive
samples that were accurately categorized, “FP” shows a
“false positive” value, that is, the number of negative
samples classified as positive, “FN” means the “false-
negative” value which means the number of actual positive
samples classified as negative, “TN” represents the number
of accurately classified negative samples. Thus, the
confusion matrix allows us to visualize the performance of
the classification models.
IV. RESULTS
The mobile botnet was divided into two parts, SMS and
malware, and each dataset was divided into two halves to
find quality measures for the first and second half. By the
end, the average value of each measure was obtained to find
more accurate results by implementing algorithms (logistic
regression, random forest, and Artificial Neural Network). In
the following, details of the program developed on “Google
Colab” using Python and specialized libraries, and we
noticed the following.
 2022 Iraqi International Conference on Communication & Information Technologies ( IICCIT-2022) , Basrah University ,
Basrah , Iraq

TABLE I : MALWARE DATASET RESULT WITHOUT NORMALIZATION

Results
Classifiers Accuracy of the Accuracy of
F1-Score TP FP FN TN
test dataset train dataset
Logistic regression 70.06% 70.06% 0% 19250 0 8360 0
Average
Result
Random Forest 98.45% 98.27% 97.34% 19080 170 277 8083
Without
Normalization Artificial Neural
70.08% 70.1% 0.15% 19249 1 8359 1
Network
Logistic regression 97.25% 97.33% 95.33% 18919 331 410 7950
Normalized
Average Random Forest 97.51% 97.48% 95.69% 19144 106 569 7791
Result
Artificial Neural
98.44% 98.48% 97.38% 19067 183 162 8198
Network

A. SMS
Through previous studies, it turned out that most of the
results were when analyzing the complete and unbalanced
dataset and comparing these to results achieved by methods
we proposed using one of the data balancing methods, and as
we explained the reason for this discrepancy in the results
and the attempt to improve the results. Therefore, the
oversampling method was used, characterized by increasing
the frequency of the minority category ‘spam’ and making it
equal to the majority category ‘ham.’ It necessitated the use
of oversampling method to deal with this unbalanced data, as
each section contained 4825 messages, and the total number
of data points was 9650. Using this method, we can obtain a
more complete and balanced dataset, which drastically
improves the performance of the proposed models, as shown
in Table II . The results regarding the rate before the process
of data imbalance were the worst results in terms of
TABLE II.
B. Malware
Through the preliminary tests, the dataset was used
completely without preprocessing, and the best of the models
focused heavily on the SVM algorithm. Results were similar
to those explained in the literature review section. Before
modifying the dataset, we noticed a dispersion in the logistic
regression readings because this algorithm is usually used for
binary classification. Also, training ANN tends to constantly
decrease the measured error between its output and reference
output. What we have in the dataset, as features are huge
numeric entries, which causes the saturation of neurons
output and prohibits the convergence toward acceptable
models. Thus, the dataset is normalized, i.e., the huge values
of features are converted to values between (0-1). The same
SMS DATASET RESULTS

Results
Classifiers Cohen's
Accuracy Sensitivity TP FP FN TN
Kappa
Logistic regression 97.52% 83.44% 88.91% 1453 0 33 186
Unbalancd
Average Random Forest 97.15% 80.33% 87.06% 1453 0 37 182
Result
Artificial Neural
Network 98.08% 86.92% 91.46% 1452 1 29 190
Logistic regression 99.83% 99.925% 99.653% 1450 4 4 1437
Oversampling
Average Random Forest 99.9% 100% 99.79% 1453 1 0 1441
Result
Artificial Neural
Network 99.757% 99.645% 99.51% 1453 1 10 1431
accuracy: ‘97.15%’ for the Random Forest algorithm and the method was applied as the dataset was separated into two
best result was ‘98.08%’ for ANN. The lowest result in equal sub-datasets. Found results by the models trained
sensitivity was reached ‘80.33%’ for the Random Forest separately by the first and second half datasets, and then the
algorithm, and the highest result was ‘86.92%’ for ANN. average value of quality measures are illustrated in Table I .
And finally, Cohen's kappa results reached the lowest value
for the Random Forest algorithm of 87.06% and the highest The results before the data normalization process were
value of 91.46% for the ANN algorithm. After using the lowest regarding accuracy in the data test, which
balancing methods, results became more accurate and stable: amounted to 70.06% for the logistic regression algorithm.
the accuracy of the ANN model reached 99.757% and of The best result was 98.45% for Random Forest. The lowest
Random Forest reached the highest value of 99.9%, the accuracy in training the data was 70.06% for the logistic
sensitivity of the ANN model reached 99.645%, and of regression algorithm and the highest accuracy was 98.27% in
Random Forest reached 100%, and finally the Cohen's kappa Random Forest. And finally, the F1-Score reached the lowest
measure was at the lowest value of 99.51% for the ANN value for logistic regression was resulted at 0%, and ANN
model and reached the highest value of 99.79% for the models reached 0.15%.
Random Forest algorithm.

86

Authorized licensed use limited to: ULAKBIM UASL - Altinbas Universitesi. Downloaded on January 14,2023 at 09:28:52 UTC from IEEE Xplore. Restrictions apply.
 2022 Iraqi International Conference on Communication & Information Technologies ( IICCIT-2022) , Basrah University ,
Basrah , Iraq
However, the result of the Random Forest algorithm was
97.34%. After normalization, the results became more
accurate, as the result lowered to an accuracy of 97.25% for [5]
logistic regression in the testing dataset and topped at an
accuracy of 98.44% for ANN. Moreover, for training data, [6]
the lowest accuracy was equal to 97.33% for the logistic
regression algorithm, and the highest accuracy was equal to
98.48% for the ANN model. Finally, concerning the F1- [7]
Score, the worst result was observed for the logistic
regression algorithms, equal to 95.33%, but the best value [8]
was recorded for the ANN model, equal to 97.38%.
[9]
CONCLUSION
In this work, on defining bot networks attack detection, [10]
artificial intelligence-based methods were proposed. A
preprocessing phase of datasets is presented, consisting of
[11]
splitting data into two halves and making it normalized and
balanced. SMS attacks and malware detection using ML
methods, including ANN, random forest, and logistic [12]
regression to classify norm and harmful samples, were
tested. The results of the experiments were ranked in order of
preference based on how the model performed concerning
SMS attacks. ML methods achieved high results, and this is [13]
thanks to the oversampling of data when compared to other
methods before the equilibrium process, which can
theoretically be used to better identify a variety of attacks,
bots and other forms of unwanted network behavior than [14]
previously created models.
ML was also used for malware detection so that the [15]
results using the original dataset were sorted in order of
preference, which changed the results after the data was
shuffled and normalized with obtaining great results in ANN
and logistic regression models, but the random forest
classifier saw a slight decrease in the results, and the findings [16]
suggest that the dataset handled better after normalization.
REFERENCES [17]
[1] “5G estimated to reach 1.5 billion subscriptions in 2024 - Ericsson.”
[Online]. Available: https://www.ericsson.com/en/press-
releases/2018/11/5g-estimated-to-reach-1.5-billion-subscriptions-in-
2024--ericsson-mobility-report. [18]
[2] 5G-PPP Security WG, “5G-PPP Phase1 Security Landscape,” white
paper,2017.
[3] I. Ahmad, T. Kumar, M. Liyanage, J. Okwuibe, M. Ylianttila, and A. [19]
Gurtov, “Overview of 5G Security Challenges and Solutions,” IEEE
Commun. Stand.Mag., vol. 2, no. 1, pp. 36–43, 2018, DOI:
10.1109/MCOMSTD.2018.1700063.
[4] O. Kupreev, J. Strohschneider, and A. Khalimonenko, Kaspersky
DDOS Intelligence Report for Q3 2016, tech. report, SecureList, 31
87
Authorized licensed use limited to: ULAKBIM UASL - Altinbas Universitesi. Downloaded on January 14,2023 at 09:28:52 UTC from IEEE Xplore. Restrictions apply.
Oct. 2016; https://securelist .com/kaspersky-ddos-intelligence-report-
for-q3-2016 /76464.
G. Mantas, N. Komninos, J. Rodriguez, E. Logota, and H. Marques,
“Security for 5G Communications,” Fundam. 5G Mob. Networks, pp.
207– 220, 2015, DOI: 10.1002/9781118867464.ch9
SMS Spam Collection Data Set from UCI Machine Learning
Repository,http://archive.ics.uci.edu/ml/datasets/SMS+Spam+Collecti
on
SMS Spam Collection v.1, ”http://www.dt.fee.unicamp.br/∼tiago/
smsspamcollection
K. Inc. Kaggle, Retrieved from
https://www.kaggle.com/nsaravana/malwaredetection#Malware%20d
ataset.cs, 2019.
S. J. Russell, & P. Norvig, Artificial intelligence: A modern approach
(4th ed.). Pearson. (2021).
M. I. Jordan, & T. M. Mitchell, Machine learning: Trends,
perspectives, and prospects. Science, 349(6245), 255 –260.
https://doi.org/10.1126/science.aaa8415 , (2015).
M. Rubin Julis, S.AIagesan: “Spam Detection In Sms Using Machine
Learning through Textmining”, International Journal Of Scientific &
Technology Research Volume 9, Issue 02, February 2020.
P. Navaney, G. Dubey, A. Rana, “SMS Spam Filtering using
Supervised Machine Learning Algorithms.,” in 8th International
Conference on Cloud Computing, Data Science & Engineering, 978 -
1- 5386-1719-9/18/ 2018 IEEE.
N. Nur Amir Sjarif, N F Mohd Azmi, Suriayati Chuprat, “SMS Spam
Message Detection using Term Frequency-Inverse Document
Frequency and Random Forest Algorithm,” in The Fifth Information
Systems International Conference 2019, Procedia Computer Science
161 (2019) 509-515, ScienceDirect.
T. Xia, Xuemin Chen, “A Discrete Hidden Markov Model for SMS
Spam Detection.,” in Applied Science, MDPI, Appl. Sci. 2020, 10,
5011; doi:10.3390/app10145011.
S. Sheikhi, M.T.Kheirabadi, A.Bazzazi, “An Effective Model for
SMS Spam Detection Using Content-based Features and Neural
Network”, International Journal of Engineering, IJE
TRANSACTIONS B: Applications Vol. 33, No. 2, (February 2020)
221-228.
S. Bahtiyar, M. B. Yaman,., & C. Y. A. Altıniğne, multi-dimensional
machine learning approach to predict advanced malware. Computer
Networks, 160, 118–129, 2019.
https://doi.org/10.1016/j.comnet.2019.06.015
N. Milosevic, A. Dehghantanha, & Choo, K. K. R. Machine learning
aided Android malware classification. Computers and Electrical
Engineering, 61, 266–274, 2017.
https://doi.org/10.1016/j.compeleceng.2017.02.013
S. Hemalatha, “Mobile Malware Detection using Anomaly Based
Machine Learning Classifier Techniques,” International Journal of
Innovative Technology and Exploring Engineering (IJITEE), ISSN:
2278-3075, Volume-8, Issue11S2, September 2019.
B. Cuan, A. Damien, C. Delaplace, & Valois, M. Malware detection
in PDF files using machine learning. ICETE 2018 - Proceedings of
the 15th International Joint Conference on e-Business and
Telecommunications, 2, 412–419, 2018.
https://doi.org/10.5220/0006884705780585.