Article

FEATURE-DRIVEN BOTNET MITIGATION USING EXPLAINABLE SHAP AND XGBOOST ENSEMBLE LEARNING

Author : C. Vijayaraj, Vishwith Reddy, L. Manohar Goud, K. Vishnu Vardhan

DOI : http://doi.org/10.63590/jsetms.2025.v02.i07(S).pp289-310

Botnet attacks, particularly those employing Domain Generation Algorithms (DGA), contribute to over 40% of command-and-control traffic in cyber incidents, with global losses from botnet-driven attacks exceeding $2 billion annually. Traditional detection systems have shown an average false positive rate of 20–30%, significantly impacting response efficiency and operational trust. Studies indicate that explainability in machine learning models improves analyst decision validation by up to 35% in real-world cybersecurity applications. Existing manual detection techniques suffer from limited scalability, high analyst dependency, and a lack of consistent interpretability, making them ineffective in real-time or high-volume network environments. Additionally, traditional methods often fail to detect obfuscated or rapidly evolving DGA patterns because of their static, rule-based nature and their inability to expose the rationale behind a decision. To overcome these challenges, this work proposes an efficient Ensemble Explainable AI (XAI)-based collaborative defense mechanism for botnet detection, with a focus on enhancing interpretability, accuracy, and operational trust. The system utilizes the Botnet DGA dataset and employs a structured pipeline comprising data preprocessing (cleaning, normalization, transformation), SHAP-based feature attribution for transparency, and classification using the XGBoost ensemble model. The model is trained to differentiate between normal and botnet network traffic, with real-time testing supported by the same interpretability mechanisms. The final stage is a performance evaluation using accuracy, precision, and recall. Furthermore, collaborative threat intelligence sharing is integrated to refine detection capabilities across organizational boundaries, ensuring adaptive protection against emerging botnet threats while fostering a trusted and explainable cybersecurity ecosystem.
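The pipeline the abstract describes (lexical feature extraction from domain names, an additive tree-ensemble classifier, per-feature Shapley attribution, and accuracy/precision/recall) can be reproduced end to end in plain Python. The following is an added, self-contained example written for this page; it is not the authors' code and uses none of their data. The decision-stump ensemble in `margin()` is a hand-built stand-in for a trained XGBoost model (its thresholds and weights are illustrative, not learned), `shapley_values()` computes exact Shapley values by enumerating coalitions against a single background instance (the quantity SHAP's explainers estimate), and the domain list is constructed for the demo. It is built so that one benign vowel-less brand (`xkcd.com`) is a false positive and one dictionary-word DGA (`sunrisebanana.net`) is a false negative, which is exactly the failure mode the attribution step lets an analyst see rather than guess at.

```python
"""Lexical DGA features -> stump ensemble (stand-in for XGBoost) ->
exact Shapley attribution (what SHAP estimates) -> accuracy/precision/recall.
Added example for illustration; model weights are hand-picked, not trained."""
import math
from itertools import combinations

VOWELS = set("aeiou")
FEATURES = ["length", "entropy", "digit_ratio", "vowel_ratio", "max_consonant_run"]


def registrable_label(domain):
    """Drop the TLD: the DGA generated the label, not '.com'."""
    parts = domain.lower().strip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def shannon_entropy(s):
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def extract_features(domain):
    """Preprocessing/transformation step: five lexical features per label."""
    label = registrable_label(domain)
    n = len(label)
    run = best = 0
    for ch in label:
        if ch.isalpha() and ch not in VOWELS:
            run += 1
            best = max(best, run)
        else:
            run = 0  # a vowel or digit ends the consonant run
    return {
        "length": n,
        "entropy": shannon_entropy(label),
        "digit_ratio": sum(ch.isdigit() for ch in label) / n,
        "vowel_ratio": sum(ch in VOWELS for ch in label) / n,
        "max_consonant_run": best,
    }


def margin(f):
    """Illustrative additive ensemble: one decision stump per feature plus one
    two-feature interaction, the shape a boosted-tree model produces.
    Positive margin = botnet. Weights are assumptions for the demo."""
    m = 1.0 if f["entropy"] > 3.0 else -0.5
    m += 0.8 if f["length"] > 10 else -0.4
    m += 1.0 if f["digit_ratio"] > 0.1 else -0.2
    m += 0.8 if f["vowel_ratio"] < 0.3 else -0.5
    m += 0.7 if f["max_consonant_run"] >= 4 else -0.2
    if f["entropy"] > 3.0 and f["length"] > 10:
        m += 0.5
    return m


def predict(domain):
    return 1 if margin(extract_features(domain)) > 0 else 0


def shapley_values(x, background):
    """Exact Shapley values of margin() for instance x against one background
    instance: v(S) evaluates the model with features in S taken from x and the
    rest from background. Brute force is fine for five features (32 coalitions).
    Efficiency property: sum(phi) == margin(x) - margin(background)."""
    n = len(FEATURES)

    def v(S):
        return margin({k: (x[k] if k in S else background[k]) for k in FEATURES})

    phi = {}
    for i in FEATURES:
        others = [k for k in FEATURES if k != i]
        total = 0.0
        for size in range(n):
            w = math.factorial(size) * math.factorial(n - size - 1) / math.factorial(n)
            for S in combinations(others, size):
                S = set(S)
                total += w * (v(S | {i}) - v(S))
        phi[i] = total
    return phi


def evaluate(pairs):
    """Accuracy, precision and recall over (domain, label) pairs; label 1 = DGA."""
    tp = fp = fn = tn = 0
    for domain, label in pairs:
        p = predict(domain)
        tp += p == 1 and label == 1
        fp += p == 1 and label == 0
        fn += p == 0 and label == 1
        tn += p == 0 and label == 0
    return {
        "tp": tp, "fp": fp, "fn": fn, "tn": tn,
        "accuracy": (tp + tn) / len(pairs),
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
    }


# Constructed sample set (not from any dataset): 5 benign, 4 DGA-style.
SAMPLE = [
    ("google.com", 0), ("wikipedia.org", 0), ("github.com", 0), ("amazon.com", 0),
    ("xkcd.com", 0),               # benign but vowel-less: expected false positive
    ("xkq7v9zt3pw.com", 1), ("bdfwqzvhxtmrk.net", 1), ("q4z8xw1tnv7c.org", 1),
    ("sunrisebanana.net", 1),      # dictionary-word DGA: expected false negative
]


def run_demo():
    metrics = evaluate(SAMPLE)
    phi = shapley_values(extract_features("xkq7v9zt3pw.com"), extract_features("google.com"))
    return metrics, phi


if __name__ == "__main__":
    metrics, phi = run_demo()
    print(metrics)
    for k, val in sorted(phi.items(), key=lambda kv: -abs(kv[1])):
        print(f"{k:>18}: {val:+.3f}")  # attributions, largest first
```

The attribution output is what turns a score into something an analyst can validate: for the random-looking domain the largest contributions come from entropy and the absence of vowels, while the consonant-run feature contributes nothing (it is below threshold for both the instance and the benign background). For the missed dictionary-word DGA the same readout shows every lexical feature pulling toward benign, which tells the analyst the feature set, not the classifier, is what needs extending.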

