{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T17:56:02Z","timestamp":1780336562535,"version":"3.54.1"},"reference-count":48,"publisher":"MDPI AG","issue":"14","license":[{"start":{"date-parts":[[2023,7,11]],"date-time":"2023-07-11T00:00:00Z","timestamp":1689033600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"United Arab Emirates University (UAEU)","award":["12R005"],"award-info":[{"award-number":["12R005"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Cybercriminals are becoming increasingly intelligent and aggressive, making them more adept at covering their tracks, and the global epidemic of cybercrime necessitates significant efforts to enhance cybersecurity in a realistic way. The COVID-19 pandemic has accelerated the cybercrime threat landscape. Cybercrime has a significant impact on the gross domestic product (GDP) of every targeted country. It encompasses a broad spectrum of offenses committed online, including hacking; sensitive information theft; phishing; online fraud; modern malware distribution; cyberbullying; cyber espionage; and notably, cyberattacks orchestrated by botnets. This study provides a new collaborative deep learning approach based on unsupervised long short-term memory (LSTM) and supervised convolutional neural network (CNN) models for the early identification and detection of botnet attacks. The proposed work is evaluated using the CTU-13 and IoT-23 datasets. The experimental results demonstrate that the proposed method achieves superior performance, obtaining a very satisfactory success rate (over 98.7%) and a false positive rate of 0.04%. The study facilitates and improves the understanding of cyber threat intelligence, identifies emerging forms of botnet attacks, and enhances forensic investigation procedures.<\/jats:p>","DOI":"10.3390\/s23146302","type":"journal-article","created":{"date-parts":[[2023,7,12]],"date-time":"2023-07-12T01:05:01Z","timestamp":1689123901000},"page":"6302","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":37,"title":["Unmasking Cybercrime with Artificial-Intelligence-Driven Cybersecurity Analytics"],"prefix":"10.3390","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5026-9767","authenticated-orcid":false,"given":"Amir","family":"Djenna","sequence":"first","affiliation":[{"name":"College of New Technologies of Information and Communication, University of Constantine 2, Constantine 25000, Algeria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ezedin","family":"Barka","sequence":"additional","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, Al Ain P.O. Box 17555, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Achouak","family":"Benchikh","sequence":"additional","affiliation":[{"name":"College of New Technologies of Information and Communication, University of Constantine 2, Constantine 25000, Algeria"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Karima","family":"Khadir","sequence":"additional","affiliation":[{"name":"College of New Technologies of Information and Communication, University of Constantine 2, Constantine 25000, Algeria"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2023,7,11]]},"reference":[{"key":"ref_1","unstructured":"(2022, December 07). Wannacry, Petya, Notpetya. Available online: https:\/\/www.theguardian.com\/technology\/2017\/dec\/30\/wannacry-petya-notpetya-ransomware."},{"key":"ref_2","unstructured":"(2022, December 08). Cyberwarfare Special Report. Available online: https:\/\/cybersecurityventures.com\/hackerpocalypse-cybercrime-report-2016\/."},{"key":"ref_3","unstructured":"(2023, February 11). Hacking the Hackers: Understanding Their Mindset and Motivations. Available online: https:\/\/www.bluefin.com\/bluefin-news\/hacking-hackers-mindset-motivations\/."},{"key":"ref_4","unstructured":"(2023, March 03). FBI: Cybercrime Victims Suffered Losses of Over $6.9B. Available online: https:\/\/www.darkreading.com\/attacks-breaches\/fbi-cybercrime-victims-suffered-losses-of-over-6-9b-in-2021."},{"key":"ref_5","unstructured":"(2023, March 03). The Hidden Costs of Cybercrime on Government. Available online: https:\/\/www.mcafee.com\/blogs\/other-blogs\/executive-perspectives\/the-hidden-costs-of-cybercrime-on-government\/."},{"key":"ref_6","unstructured":"(2023, March 03). Estimated Cost of Cybercrime Worldwide. Available online: https:\/\/www.statista.com\/statistics\/1280009\/cost-cybercrime-worldwide\/."},{"key":"ref_7","unstructured":"(2022, December 13). Understanding Digital Forensics Process Techniques and Tools. Available online: https:\/\/www.bluevoyant.com\/knowledge-center\/understanding-digital-forensics-process-techniques-and-tools."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"11065","DOI":"10.1109\/ACCESS.2022.3142508","article-title":"A comprehensive survey on computer forensics: State-of-the-art, tools, techniques, challenges, and future directions","volume":"10","author":"Javed","year":"2022","journal-title":"IEEE Access"},{"key":"ref_9","unstructured":"(2022, December 13). What Is Database Forensics. Available online: https:\/\/www.salvationdata.com\/knowledge\/what-is-database-forensics\/."},{"key":"ref_10","unstructured":"(2022, December 13). Computer Forensics. Available online: https:\/\/www.techtarget.com\/searchsecurity\/definition\/computer-forensics."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Djenna, A., Bouridane, A., Rubab, S., and Marou, I.M. (2019). Artificial Intelligence-Based Malware Detection, Analysis, and Mitigation. Symmetry, 15.","DOI":"10.3390\/sym15030677"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/JIOT.2019.2940713","article-title":"A survey on digital forensics in Internet of Things","volume":"7","author":"Hou","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Abu Al-Haija, Q., and Zein-Sabatto, S. (2020). An efficient deep-learning-based detection and classification system for cyber-attacks in IoT communication networks. Electronics, 9.","DOI":"10.20944\/preprints202011.0508.v2"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Ge, M., Fu, X., Syed, N., Baig, Z., Teo, G., and Robles-Kelly, A. (2019, January 1\u20133). Deep learning-based intrusion detection for IoT networks. Proceedings of the IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC), Kyoto, Japan.","DOI":"10.1109\/PRDC47002.2019.00056"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"McDermott, C.D., Majdani, F., and Petrovski, A.V. (2018, January 8\u201313). Botnet detection in the internet of things using deep learning approaches. Proceedings of the IEEE International Joint Conference on Neural Networks (IJCNN), Rio de Janeiro, Brazil.","DOI":"10.1109\/IJCNN.2018.8489489"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Van Roosmalen, J., Vranken, H., and Van Eekelen, M. (2018, January 9\u201313). Applying deep learning on packet flows for botnet detection. Proceedings of the 33rd Annual ACM Symposium on Applied Computing, Pau, France.","DOI":"10.1145\/3167132.3167306"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Popoola, S.I., Adebisi, B., Ande, R., Hammoudeh, M., Anoh, K., and Atayero, A.A. (2021). Smote-drnn: A deep learning algorithm for botnet detection in the internet-of-things networks. Sensors, 21.","DOI":"10.3390\/s21092985"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Hegde, M., Kepnang, G., Al Mazroei, M., Chavis, J.S., and Watkins, L. (2020, January 19\u201322). Identification of botnet activity in IoT network traffic using machine learning. Proceedings of the IEEE International Conference on Intelligent Data Science Technologies and Applications (IDSTA), Valencia, Spain.","DOI":"10.1109\/IDSTA50958.2020.9264143"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"6430","DOI":"10.1109\/ACCESS.2021.3140015","article-title":"Generative deep learning to detect cyberattacks for the IoT-23 dataset","volume":"10","author":"Abdalgawad","year":"2021","journal-title":"IEEE Access"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1016\/j.cose.2014.05.011","article-title":"An empirical comparison of botnet detection methods","volume":"45","author":"Garcia","year":"2014","journal-title":"Comput. Secur."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Le, D.C., Zincir-Heywood, A.N., and Heywood, M.I. (2016, January 6\u20139). Data analytics on network traffic flows for botnet behaviour detection. Proceedings of the IEEE Symposium Series on Computational Intelligence (SSCI), Athens, Greece.","DOI":"10.1109\/SSCI.2016.7850078"},{"key":"ref_22","unstructured":"Geetha, K., and Brahmananda, S.H. (2022). Network traffic analysis through deep learning for detection of an army of bots in health IoT network. Int. J. Pervasive Comput. Commun."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"102479","DOI":"10.1016\/j.jnca.2019.102479","article-title":"An efficient reinforcement learning-based Botnet detection approach","volume":"150","author":"Alauthman","year":"2020","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Kim, J., Shim, M., Hong, S., Shin, Y., and Choi, E. (2020). Intelligent detection of iot botnets using machine learning and deep learning. Appl. Sci., 10.","DOI":"10.3390\/app10197009"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"9302318","DOI":"10.1155\/2020\/9302318","article-title":"Botnet forensic analysis using machine learning","volume":"2020","author":"Bijalwan","year":"2020","journal-title":"Secur. Commun. Netw."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"3930","DOI":"10.1109\/JIOT.2021.3100755","article-title":"Federated deep learning for zero-day botnet attack detection in IoT-edge devices","volume":"9","author":"Popoola","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"205","DOI":"10.1007\/s42979-021-00516-9","article-title":"Intrusion detection system for iot botnet attacks using deep learning","volume":"2","author":"Shareena","year":"2021","journal-title":"SN Comput. Sci."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"5547","DOI":"10.1007\/s12652-021-03185-x","article-title":"Detecting IoT botnets based on the combination of cooperative game theory with deep and machine learning approaches","volume":"13","author":"Asadi","year":"2022","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Hasan, N., Chen, Z., Zhao, C., Zhu, Y., and Liu, C. (2022, January 2\u201305). IoT Botnet Detection framework from Network Behavior based on Extreme Learning Machine. Proceedings of the IEEE Infocom Ieee Conference on Computer Communications Workshops (Infocom Wkshps), New York, NY, USA.","DOI":"10.1109\/INFOCOMWKSHPS54753.2022.9798307"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"103064","DOI":"10.1016\/j.cose.2022.103064","article-title":"Intelligent IoT-BOTNET attack detection model with optimized hybrid classification model","volume":"126","author":"Bojarajulu","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"1405","DOI":"10.1016\/j.procs.2023.01.119","article-title":"Botnet Detection Using Artificial Intelligence","volume":"218","author":"Moorthy","year":"2023","journal-title":"Procedia Comput. Sci."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1016\/j.future.2022.10.024","article-title":"On the application of active learning for efficient and effective IoT botnet detection","volume":"141","author":"Bahsi","year":"2023","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Djenna, A., Saidouni, D.E., and Abada, W. (2020, January 20\u201322). A pragmatic cybersecurity strategies for combating iot-cyberattacks. Proceedings of the IEEE International Symposium on Networks, Computers and Communications (ISNCC), Montreal, QC, Canada.","DOI":"10.1109\/ISNCC49221.2020.9297251"},{"key":"ref_34","unstructured":"(2023, February 23). 2021 Interpol Report. Available online: https:\/\/www.interpol.int\/content\/download\/17965\/file\/INTERPOL\/Annual\/Report\/2021_EN."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"26933","DOI":"10.1109\/ACCESS.2020.2971348","article-title":"A hybrid CNN-LSTM model for forecasting particulate matter (PM2. 5)","volume":"8","author":"Li","year":"2020","journal-title":"IEEE Access"},{"key":"ref_36","unstructured":"(2023, May 22). Cell Classification in Machine Learning. Available online: https:\/\/www.madrasresearch.org\/post\/cell-classification-in-machine-learning."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Roshan, S., Srivathsan, G., Deepak, K., and Chandrakala, S. (2020). Violence detection in automated video surveillance: Recent trends and comparative studies. Cogn. Approach Cloud Comput. Internet Things Technol. Surveill. Track. Syst., 157\u2013171.","DOI":"10.1016\/B978-0-12-816385-6.00011-8"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Li, Y.H., Harfiya, L.N., Purwandari, K., and Lin, Y.D. (2020). Real-time cuffless continuous blood pressure estimation using deep learning model. Sensors, 20.","DOI":"10.3390\/s20195606"},{"key":"ref_39","unstructured":"(2022, June 17). CTU-13 Dataset. Available online: https:\/\/www.stratosphereips.org\/datasets-ctu13."},{"key":"ref_40","unstructured":"(2022, June 30). IoT-23 Dataset. Available online: https:\/\/www.stratosphereips.org\/datasets-iot23."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"427","DOI":"10.1016\/j.ipm.2009.03.002","article-title":"A systematic analysis of performance measures for classification tasks","volume":"45","author":"Sokolova","year":"2009","journal-title":"Inf. Process. Manag."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Nguyen, H.T., Ngo, Q.D., and Le, V.H. (2018, January 28\u201330). IoT Botnet Detection Approach Based on PSI graph and DGCNN classifier. Proceedings of the IEEE International Conference on Information Communication and Signal Processing (ICICSP), Singapore.","DOI":"10.1109\/ICICSP.2018.8549713"},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Letteri, I., Della Penna, G., and Caianiello, P. (2019, January 17\u201319). Feature selection strategies for http botnet traffic detection. Proceedings of the 4th IEEE European Symposium on Security and Privacy Workshops EUROS and PW, Stockholm, Sweden.","DOI":"10.1109\/EuroSPW.2019.00029"},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"1085","DOI":"10.1109\/TFUZZ.2019.2892363","article-title":"Multiobjective evolutionary feature selection for fuzzy classification","volume":"27","author":"Jimenez","year":"2019","journal-title":"IEEE Trans. Fuzzy Syst."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"94497","DOI":"10.1109\/ACCESS.2019.2928048","article-title":"TSE-IDS: A two-stage classifier ensemble for intelligent anomaly-based intrusion detection system","volume":"7","author":"Tama","year":"2019","journal-title":"IEEE Access"},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"6638134","DOI":"10.1155\/2021\/6638134","article-title":"Representativeness-based instance selection for intrusion detection","volume":"2021","author":"Zhao","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Kannari, P.R., Shariff, N.C., and Biradar, R.L. (2021). Network intrusion detection using sparse autoencoder with swish-PReLU activation model. J. Ambient. Intell. Humaniz. Comput., 1\u201313.","DOI":"10.1007\/s12652-021-03077-0"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"100747","DOI":"10.1016\/j.iot.2023.100747","article-title":"XG-BoT: An explainable deep graph neural network for botnet detection and forensics","volume":"22","author":"Lo","year":"2023","journal-title":"Internet Things"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/14\/6302\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T20:10:37Z","timestamp":1760127037000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/14\/6302"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,11]]},"references-count":48,"journal-issue":{"issue":"14","published-online":{"date-parts":[[2023,7]]}},"alternative-id":["s23146302"],"URL":"https:\/\/doi.org\/10.3390\/s23146302","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,7,11]]}}}