Evolving Botnet Defenses: A Survey of Machine Learning Approaches for Identifying Polymorphic and Evasive Malware

The advancement of polymorphic and evasive malware helps botnets overcome traditional security mechanisms rendering the latter obsolete. This phenomenon, coupled with the skillful development of botnets, threateningly endangers the computer systems and networks of the modern day. This paper highlights the various ML techniques used for botnet detection, outlining their advantages, limitations, and possible uses. In particular, this study focused on supervised, unsupervised, and deep learning methods and their contributions in aiding the detection of botnets. This paper builds upon existing studies and experiments to provide a new perspective on assessment of the ML detector systems, their effectiveness, and the problems they encounter. This survey also sets out the primary pillars that new research needs to rest upon, especially for improving botnet defense systems.