Recommender System Based on Empirical Study of Geolocated Clustering and
                            Prediction Services for Botnets Cyber-Intelligence in Malaysia


                                          Nazri Ahmad Zamani and Aswami Ariffin


                                                          Abstract



               A  recommender  system  is  becoming  a  popular  platform  that  predicts  the  ratings  or
               preferences  in  studying  human  behaviors  and  habits.  The  system  is  widely  used
               especially  in  marketing,  retailing  and  product  development.  The  system  responds  to
               users  preferences  in  goods  and  services  and  gives  recommendations  based  on
               Machine Learning algorithms deployed catered specifically for such services. The same
               recommender  system  can  be  built  for  predicting  botnets  attack.  Via  our  Integrated
               Cyber-Evidence (or ICE) Big Data system, we build a recommender system based on
               collected  data  on  telemetric  Botnets  networks  traffics.  The  recommender  system  is
               trained  periodically  on  cyber-threats  enriched  data  from  Coordinated  Malware
               Eradication & Remedial Platform system (or CMERP), specifically the geolocation and
               the timestamp of the attacks. The machine learning is based on K-Means and DBSCAN
               clustering.  The  results  is  a  recommendation  of  potential  attacks  from  a  given
               geolocation coordinates.





























                                                                                                           28