Статті в журналах з теми "IOT BOTNET DETECTION"
Щоб переглянути інші типи публікацій з цієї теми, перейдіть за посиланням: IOT BOTNET DETECTION.
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 статей у журналах для дослідження на тему "IOT BOTNET DETECTION".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте статті в журналах для різних дисциплін та оформлюйте правильно вашу бібліографію.
1
Sreeja, B. P. "Survey on Internet of Things Botnet Detection Methodologies: A Report." IRO Journal on Sustainable Wireless Systems 4, no. 3 (September 15, 2022): 185–95. http://dx.doi.org/10.36548/jsws.2022.3.005.
Повний текст джерелаАнотація:
Recently, Internet of Things (IoT) botnets have emerged as a serious security risk. IoT-related systematic and thorough research on botnet detection techniques’ relevance are few. Therefore, this report seek to compile a comprehensive overview of experimental research related to the detection of IoT botnets and then evaluate it. Moreover, it builds a foundation of information about IoT botnet detection techniques. In this work, the gaps in research are studied and recommendations are made for future studies.
2
Wazzan, Majda, Daniyal Algazzawi, Omaima Bamasaq, Aiiad Albeshri, and Li Cheng. "Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research." Applied Sciences 11, no. 12 (June 20, 2021): 5713. http://dx.doi.org/10.3390/app11125713.
Повний текст джерелаАнотація:
Internet of Things (IoT) is promising technology that brings tremendous benefits if used optimally. At the same time, it has resulted in an increase in cybersecurity risks due to the lack of security for IoT devices. IoT botnets, for instance, have become a critical threat; however, systematic and comprehensive studies analyzing the importance of botnet detection methods are limited in the IoT environment. Thus, this study aimed to identify, assess and provide a thoroughly review of experimental works on the research relevant to the detection of IoT botnets. To accomplish this goal, a systematic literature review (SLR), an effective method, was applied for gathering and critically reviewing research papers. This work employed three research questions on the detection methods used to detect IoT botnets, the botnet phases and the different malicious activity scenarios. The authors analyzed the nominated research and the key methods related to them. The detection methods have been classified based on the techniques used, and the authors investigated the botnet phases during which detection is accomplished. This research procedure was used to create a source of foundational knowledge of IoT botnet detection methods. As a result of this study, the authors analyzed the current research gaps and suggest future research directions.
3
Yang, Changjin, Weili Guan, and Zhijie Fang. "IoT Botnet Attack Detection Model Based on DBO-Catboost." Applied Sciences 13, no. 12 (June 15, 2023): 7169. http://dx.doi.org/10.3390/app13127169.
Повний текст джерелаАнотація:
With the widespread adoption of Internet of Things (IoT) technology, the increasing number of IoT devices has led to a rise in serious network security issues. Botnets, a major threat in network security, have garnered significant attention over the past decade. However, detecting these rapidly evolving botnets remains a challenge, with current detection accuracy being relatively low. Therefore, this study focuses on designing efficient botnet detection models to enhance detection performance. This paper improves the initial population generation strategy of the Dung Beetle Optimizer (DBO) by using the centroid opposition-based learning strategy instead of the original random generation strategy. The improved DBO is applied to optimize Catboost parameters and is employed in the field of IoT botnet detection. Performance comparison experiments are conducted using real-world IoT traffic datasets. The experimental results demonstrate that the proposed method outperforms other models in terms of accuracy and F1 score, indicating the effectiveness of the proposed approach in this field.
4
Jovanović, Đorđe, and Pavle Vuletić. "Analysis and characterization of IoT malware command and control communication." Telfor Journal 12, no. 2 (2020): 80–85. http://dx.doi.org/10.5937/telfor2002080j.
Повний текст джерелаАнотація:
The emergence of Mirai botnet in 2016 took worldwide research teams by surprise, proving that a large number of low-performance IoT devices could be hacked and used for illegal purposes, causing extremely voluminous DDoS attacks. Therefore, a thorough inspection of the current state of IoT botnets is essential. In this paper, we analyze the dynamic behavior and command and control channels of two classes of IoT botnets, Mirai and Gafgyt. Based on collected information, a comparative analysis and key phases of botnet communication is provided. Such an analysis will serve as a basis for smart botnet detection mechanisms.
5
Wazzan, Majda, Daniyal Algazzawi, Aiiad Albeshri, Syed Hasan, Osama Rabie, and Muhammad Zubair Asghar. "Cross Deep Learning Method for Effectively Detecting the Propagation of IoT Botnet." Sensors 22, no. 10 (May 20, 2022): 3895. http://dx.doi.org/10.3390/s22103895.
Повний текст джерелаАнотація:
In recent times, organisations in a variety of businesses, such as healthcare, education, and others, have been using the Internet of Things (IoT) to produce more competent and improved services. The widespread use of IoT devices makes our lives easier. On the other hand, the IoT devices that we use suffer vulnerabilities that may impact our lives. These unsafe devices accelerate and ease cybersecurity attacks, specifically when using a botnet. Moreover, restrictions on IoT device resources, such as limitations in power consumption and the central processing unit and memory, intensify this issue because they limit the security techniques that can be used to protect IoT devices. Fortunately, botnets go through different stages before they can start attacks, and they can be detected in the early stage. This research paper proposes a framework focusing on detecting an IoT botnet in the early stage. An empirical experiment was conducted to investigate the behaviour of the early stage of the botnet, and then a baseline machine learning model was implemented for early detection. Furthermore, the authors developed an effective detection method, namely, Cross CNN_LSTM, to detect the IoT botnet based on using fusion deep learning models of a convolutional neural network (CNN) and long short-term memory (LSTM). According to the conducted experiments, the results show that the suggested model is accurate and outperforms some of the state-of-the-art methods, and it achieves 99.7 accuracy. Finally, the authors developed a kill chain model to prevent IoT botnet attacks in the early stage.
6
Negera, Worku Gachena, Friedhelm Schwenker, Taye Girma Debelee, Henock Mulugeta Melaku, and Yehualashet Megeresa Ayano. "Review of Botnet Attack Detection in SDN-Enabled IoT Using Machine Learning." Sensors 22, no. 24 (December 14, 2022): 9837. http://dx.doi.org/10.3390/s22249837.
Повний текст джерелаАнотація:
The orchestration of software-defined networks (SDN) and the internet of things (IoT) has revolutionized the computing fields. These include the broad spectrum of connectivity to sensors and electronic appliances beyond standard computing devices. However, these networks are still vulnerable to botnet attacks such as distributed denial of service, network probing, backdoors, information stealing, and phishing attacks. These attacks can disrupt and sometimes cause irreversible damage to several sectors of the economy. As a result, several machine learning-based solutions have been proposed to improve the real-time detection of botnet attacks in SDN-enabled IoT networks. The aim of this review is to investigate research studies that applied machine learning techniques for deterring botnet attacks in SDN-enabled IoT networks. Initially the first major botnet attacks in SDN-IoT networks have been thoroughly discussed. Secondly a commonly used machine learning techniques for detecting and mitigating botnet attacks in SDN-IoT networks are discussed. Finally, the performance of these machine learning techniques in detecting and mitigating botnet attacks is presented in terms of commonly used machine learning models’ performance metrics. Both classical machine learning (ML) and deep learning (DL) techniques have comparable performance in botnet attack detection. However, the classical ML techniques require extensive feature engineering to achieve optimal features for efficient botnet attack detection. Besides, they fall short of detecting unforeseen botnet attacks. Furthermore, timely detection, real-time monitoring, and adaptability to new types of attacks are still challenging tasks in classical ML techniques. These are mainly because classical machine learning techniques use signatures of the already known malware both in training and after deployment.
7
Haq, Mohd Anul. "DBoTPM: A Deep Neural Network-Based Botnet Prediction Model." Electronics 12, no. 5 (February 27, 2023): 1159. http://dx.doi.org/10.3390/electronics12051159.
Повний текст джерелаАнотація:
Internet of things (IoT) devices’ evolution and growth have boosted system efficiency, reduced human labour, and improved operational efficiency; however, IoT devices pose substantial security and privacy risks, making them highly vulnerable to botnet attacks. Botnet attacks are capable of degrading the performance of an IoT system in a way that makes it difficult for IoT network users to identify them. Earlier studies mainly focused on the detection of IoT botnets, and there was a gap in predicting the botnet attack due to their complex behaviour, repetitive nature, uncertainty, and almost invisible presence in the compromised system. Based on the gaps, it is highly required to develop efficient and stable AI models that can reliably predict botnet attacks. The current study developed and implemented DBoTPM, a novel deep-neural-network-based model for botnet prediction. The DBoTPM was optimized for performance and less computational overhead by utilizing rigorous hyperparameter tuning. The consequences of overfitting and underfitting were mitigated through dropouts. The evaluation of the DBoTPM demonstrated that it is one of the most accurate and efficient models for botnet prediction. This investigation is unique in that it makes use of two real datasets to detect and predict botnet attacks with efficient performance and faster response. The results achieved through the DBoTPM model were assessed against prior research and found to be highly effective at predicting botnet attacks with a real dataset.
8
Akash, Nazmus Sakib, Shakir Rouf, Sigma Jahan, Amlan Chowdhury, and Jia Uddin. "Botnet Detection in IoT Devices Using Random Forest Classifier with Independent Component Analysis." Journal of Information and Communication Technology 21, No.2 (April 7, 2022): 201–32. http://dx.doi.org/10.32890/jict2022.21.2.3.
Повний текст джерелаАнотація:
With rapid technological progress in the Internet of Things (IoT), it has become imperative to concentrate on its security aspect. This paper represents a model that accounts for the detection of botnets through the use of machine learning algorithms. The model examined anomalies, commonly referred to as botnets, in a cluster of IoT devices attempting to connect to a network. Essentially, this paper exhibited the use of transport layer data (User Datagram Protocol- UDP) generated through IoT devices. An intelligent novel model comprising Random Forest Classifier with Independent Component Analysis (ICA) was proposed for botnet detection in IoT devices. Various machine learning algorithms were also implemented upon the processed data for comparative analysis. The experimental results of the proposed model generated state-of-the-art results for three different datasets, achieving up to 99.99% accuracy effectively with the lowest prediction time of 0.12 seconds without overfitting. The significance of this study lies in detecting botnets in IoT devices effectively and efficiently under all circumstances by utilizing ICA with Random Forest Classifier, which is a simple machine learning algorithm.
9
Al-Duwairi, Basheer, Wafaa Al-Kahla, Mhd Ammar AlRefai, Yazid Abedalqader, Abdullah Rawash, and Rana Fahmawi. "SIEM-based detection and mitigation of IoT-botnet DDoS attacks." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 2 (April 1, 2020): 2182. http://dx.doi.org/10.11591/ijece.v10i2.pp2182-2191.
Повний текст джерелаАнотація:
The Internet of Things (IoT) is becoming an integral part of our daily life including health, environment, homes, military, etc. The enormous growth of IoT in recent years has attracted hackers to take advantage of their computation and communication capabilities to perform different types of attacks. The major concern is that IoT devices have several vulnerabilities that can be easily exploited to form IoT botnets consisting of millions of IoT devices and posing significant threats to Internet security. In this context, DDoS attacks originating from IoT botnets is a major problem in today’s Internet that requires immediate attention. In this paper, we propose a Security Information and Event Management-based IoT botnet DDoS attack detection and mitigation system. This system detects and blocks DDoS attack traffic from compromised IoT devices by monitoring specific packet types including TCP SYN, ICMP and DNS packets originating from these devices. We discuss a prototype implementation of the proposed system and we demonstrate that SIEM based solutions can be configured to accurately identify and block malicious traffic originating from compromised IoT devices.
10
Alharbi, Abdullah, Wael Alosaimi, Hashem Alyami, Hafiz Tayyab Rauf, and Robertas Damaševičius. "Botnet Attack Detection Using Local Global Best Bat Algorithm for Industrial Internet of Things." Electronics 10, no. 11 (June 3, 2021): 1341. http://dx.doi.org/10.3390/electronics10111341.
Повний текст джерелаАнотація:
The need for timely identification of Distributed Denial-of-Service (DDoS) attacks in the Internet of Things (IoT) has become critical in minimizing security risks as the number of IoT devices deployed rapidly grows globally and the volume of such attacks rises to unprecedented levels. Instant detection facilitates network security by speeding up warning and disconnection from the network of infected IoT devices, thereby preventing the botnet from propagating and thereby stopping additional attacks. Several methods have been developed for detecting botnet attacks, such as Swarm Intelligence (SI) and Evolutionary Computing (EC)-based algorithms. In this study, we propose a Local-Global best Bat Algorithm for Neural Networks (LGBA-NN) to select both feature subsets and hyperparameters for efficient detection of botnet attacks, inferred from 9 commercial IoT devices infected by two botnets: Gafgyt and Mirai. The proposed Bat Algorithm (BA) adopted the local-global best-based inertia weight to update the bat’s velocity in the swarm. To tackle with swarm diversity of BA, we proposed Gaussian distribution used in the population initialization. Furthermore, the local search mechanism was followed by the Gaussian density function and local-global best function to achieve better exploration during each generation. Enhanced BA was further employed for neural network hyperparameter tuning and weight optimization to classify ten different botnet attacks with an additional one benign target class. The proposed LGBA-NN algorithm was tested on an N-BaIoT data set with extensive real traffic data with benign and malicious target classes. The performance of LGBA-NN was compared with several recent advanced approaches such as weight optimization using Particle Swarm Optimization (PSO-NN) and BA-NN. The experimental results revealed the superiority of LGBA-NN with 90% accuracy over other variants, i.e., BA-NN (85.5% accuracy) and PSO-NN (85.2% accuracy) in multi-class botnet attack detection.
11
Kaushik, Dr Priyanka. "Unleashing the Power of Multi-Agent Deep Learning: Cyber-Attack Detection in IoT." International Journal for Global Academic & Scientific Research 2, no. 2 (June 30, 2023): 23–45. http://dx.doi.org/10.55938/ijgasr.v2i2.46.
Повний текст джерелаАнотація:
Detecting botnet and malware cyber-attacks is a critical task in ensuring the security of computer networks. Traditional methods for identifying such attacks often involve static rules and signatures, which can be easily evaded by attackers. Dl is a subdivision of ML, has shown promise in enhancing the accuracy of detecting botnets and malware by analyzing large amounts of network traffic data and identifying patterns that are difficult to detect with traditional methods. In order to identify abnormal traffic patterns that can be a sign of botnet or malware activity, deep learning models can be taught to learn the intricate interactions and correlations between various network traffic parameters, such as packet size, time intervals, and protocol headers. The models can also be trained to detect anomalies in network traffic, which could indicate the presence of unknown malware. The threat of malware and botnet assaults has increased in frequency with the growth of the IoT. In this research, we offer a unique LSTM and GAN-based method for identifying such attacks. We utilise our model to categorise incoming traffic as either benign or malicious using a dataset of network traffic data from various IoT devices. Our findings show how well our method works by attaining high accuracy in identifying botnet and malware cyberattacks in IoT networks. This study makes a contribution to the creation of stronger and more effective security systems for shielding IoT devices from online dangers. One of the major advantages of using deep learning for botnet and malware detection is its ability to adapt to new and previously unknown attack patterns, making it a useful tool in the fight against constantly evolving cyber threats. However, DL models require large quantity of labeled data for training, and their performance can be affected by the quality and quantity of the data used. Deep learning holds great potential for improving the accuracy and effectiveness of botnet and malware detection, and its continued development and application could lead to significant advancements in the field of cybersecurity.
12
Rezaei, Amirhossein. "Identifying Botnet on IoT by Using Supervised Learning Techniques." Oriental journal of computer science and technology 12, no. 4 (October 28, 2019): 185–93. http://dx.doi.org/10.13005/ojcst12.04.04.
Повний текст джерелаАнотація:
The security challenge on IoT (Internet of Things) is one of the hottest and most pertinent topics at the moment especially the several security challenges. The Botnet is one of the security challenges that most impact for several purposes. The network of private computers infected by malicious software and controlled as a group without the knowledge of owners and each of them running one or more bots is called Botnets. Normally, it is used for sending spam, stealing data, and performing DDoS attacks. One of the techniques that been used for detecting the Botnet is the Supervised Learning method. This study will examine several Supervised Learning methods such as; Linear Regression, Logistic Regression, Decision Tree, Naive Bayes, k- Nearest Neighbors, Random Forest, Gradient Boosting Machines, and Support Vector Machine for identifying the Botnet in IoT with the aim of finding which Supervised Learning technique can achieve the highest accuracy and fastest detection as well as with minimizing the dependent variable.
13
Abu Al-Haija, Qasem, and Mu’awya Al-Dala’ien. "ELBA-IoT: An Ensemble Learning Model for Botnet Attack Detection in IoT Networks." Journal of Sensor and Actuator Networks 11, no. 1 (March 9, 2022): 18. http://dx.doi.org/10.3390/jsan11010018.
Повний текст джерелаАнотація:
Due to the prompt expansion and development of intelligent systems and autonomous, energy-aware sensing devices, the Internet of Things (IoT) has remarkably grown and obstructed nearly all applications in our daily life. However, constraints in computation, storage, and communication capabilities of IoT devices has led to an increase in IoT-based botnet attacks. To mitigate this threat, there is a need for a lightweight and anomaly-based detection system that can build profiles for normal and malicious activities over IoT networks. In this paper, we propose an ensemble learning model for botnet attack detection in IoT networks called ELBA-IoT that profiles behavior features of IoT networks and uses ensemble learning to identify anomalous network traffic from compromised IoT devices. In addition, our IoT-based botnet detection approach characterizes the evaluation of three different machine learning techniques that belong to decision tree techniques (AdaBoosted, RUSBoosted, and bagged). To evaluate ELBA-IoT, we used the N-BaIoT-2021 dataset, which comprises records of both normal IoT network traffic and botnet attack traffic of infected IoT devices. The experimental results demonstrate that our proposed ELBA-IoT can detect the botnet attacks launched from the compromised IoT devices with high detection accuracy (99.6%) and low inference overhead (40 µ-seconds). We also contrast ELBA-IoT results with other state-of-the-art results and demonstrate that ELBA-IoT is superior.
14
Almseidin, Mohammad, and Mouhammd Alkasassbeh. "An Accurate Detection Approach for IoT Botnet Attacks Using Interpolation Reasoning Method." Information 13, no. 6 (June 14, 2022): 300. http://dx.doi.org/10.3390/info13060300.
Повний текст джерелаАнотація:
Nowadays, the rapid growth of technology delivers many new concepts and notations that aim to increase the efficiency and comfort of human life. One of these techniques is the Internet of Things (IoT). The IoT has been used to achieve efficient operation management, cost-effective operations, better business opportunities, etc. However, there are many challenges facing implementing an IoT smart environment. The most critical challenge is protecting the IoT smart environment from different attacks. The IoT Botnet attacks are considered a serious challenge. The danger of this attack lies in that it could be used for several threatening commands. Therefore, the Botnet attacks could be implemented to perform the DDoS attacks, phishing attacks, spamming, and other attack scenarios. This paper has introduced a detection approach against the IoT Botnet attacks using the interpolation reasoning method. The suggested detection approach was implemented using the interpolation reasoning method instead of the classical reasoning methods to handle the knowledge base issues and reduce the size of the detection fuzzy rules. The suggested detection approach was designed, tested, and evaluated using an open-source benchmark IoT Botnet attacks dataset. The implemented experiments show that the suggested detection approach was able to detect the IoT Botnet attacks effectively with a 96.4% detection rate. Furthermore, the obtained results were compared with other literature results; the accomplished comparison showed that the suggested method is a rivalry with other methods, and it effectively reduced the false positive rate and interpolated the IoT Botnet attacks alerts even in case of a sparse rule base.
15
Bagui, Sikha, Xiaojian Wang, and Subhash Bagui. "Machine Learning Based Intrusion Detection for IoT Botnet." International Journal of Machine Learning and Computing 11, no. 6 (November 2021): 399–406. http://dx.doi.org/10.18178/ijmlc.2021.11.6.1068.
Повний текст джерела
16
S. Alrayes, Fatma, Mohammed Maray, Abdulbaset Gaddah, Ayman Yafoz, Raed Alsini, Omar Alghushairy, Heba Mohsen, and Abdelwahed Motwakel. "Modeling of Botnet Detection Using Barnacles Mating Optimizer with Machine Learning Model for Internet of Things Environment." Electronics 11, no. 20 (October 21, 2022): 3411. http://dx.doi.org/10.3390/electronics11203411.
Повний текст джерелаАнотація:
Owing to the development and expansion of energy-aware sensing devices and autonomous and intelligent systems, the Internet of Things (IoT) has gained remarkable growth and found uses in several day-to-day applications. However, IoT devices are highly prone to botnet attacks. To mitigate this threat, a lightweight and anomaly-based detection mechanism that can create profiles for malicious and normal actions on IoT networks could be developed. Additionally, the massive volume of data generated by IoT gadgets could be analyzed by machine learning (ML) methods. Recently, several deep learning (DL)-related mechanisms have been modeled to detect attacks on the IoT. This article designs a botnet detection model using the barnacles mating optimizer with machine learning (BND-BMOML) for the IoT environment. The presented BND-BMOML model focuses on the identification and recognition of botnets in the IoT environment. To accomplish this, the BND-BMOML model initially follows a data standardization approach. In the presented BND-BMOML model, the BMO algorithm is employed to select a useful set of features. For botnet detection, the BND-BMOML model in this study employs an Elman neural network (ENN) model. Finally, the presented BND-BMOML model uses a chicken swarm optimization (CSO) algorithm for the parameter tuning process, demonstrating the novelty of the work. The BND-BMOML method was experimentally validated using a benchmark dataset and the outcomes indicated significant improvements in performance over existing methods.
17
Alqahtani, Mnahi, Hassan Mathkour, and Mohamed Maher Ben Ismail. "IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection." Sensors 20, no. 21 (November 6, 2020): 6336. http://dx.doi.org/10.3390/s20216336.
Повний текст джерелаАнотація:
Nowadays, Internet of Things (IoT) technology has various network applications and has attracted the interest of many research and industrial communities. Particularly, the number of vulnerable or unprotected IoT devices has drastically increased, along with the amount of suspicious activity, such as IoT botnet and large-scale cyber-attacks. In order to address this security issue, researchers have deployed machine and deep learning methods to detect attacks targeting compromised IoT devices. Despite these efforts, developing an efficient and effective attack detection approach for resource-constrained IoT devices remains a challenging task for the security research community. In this paper, we propose an efficient and effective IoT botnet attack detection approach. The proposed approach relies on a Fisher-score-based feature selection method along with a genetic-based extreme gradient boosting (GXGBoost) model in order to determine the most relevant features and to detect IoT botnet attacks. The Fisher score is a representative filter-based feature selection method used to determine significant features and discard irrelevant features through the minimization of intra-class distance and the maximization of inter-class distance. On the other hand, GXGBoost is an optimal and effective model, used to classify the IoT botnet attacks. Several experiments were conducted on a public botnet dataset of IoT devices. The evaluation results obtained using holdout and 10-fold cross-validation techniques showed that the proposed approach had a high detection rate using only three out of the 115 data traffic features and improved the overall performance of the IoT botnet attack detection process.
18
Alkahtani, Hasan, and Theyazn H. H. Aldhyani. "Botnet Attack Detection by Using CNN-LSTM Model for Internet of Things Applications." Security and Communication Networks 2021 (September 9, 2021): 1–23. http://dx.doi.org/10.1155/2021/3806459.
Повний текст джерелаАнотація:
The Internet of Things (IoT) has grown rapidly, and nowadays, it is exploited by cyber attacks on IoT devices. An accurate system to identify malicious attacks on the IoT environment has become very important for minimizing security risks on IoT devices. Botnet attacks are among the most serious and widespread attacks, and they threaten IoT devices. Motionless IoT devices have a security weakness due to lack of sufficient memory and computation results for a security platform. In addition, numerous existing systems present themselves for finding unknown patterns from IoT networks to improve security. In this study, hybrid deep learning, a convolutional neural network and long short-term memory (CNN-LSTM) algorithm, was proposed to detect botnet attacks, namely, BASHLITE and Mirai, on nine commercial IoT devices. Extensive empirical research was performed by employing a real N-BaIoT dataset extracted from a real system, including benign and malicious patterns. The experimental results exposed the superiority of the CNN-LSTM model with accuracies of 90.88% and 88.61% in detecting botnet attacks from doorbells (Danminin and Ennio brands), whereas the proposed system achieved good accuracy (88.53%) in identifying botnet attacks from thermostat devices. The accuracies of the proposed system in detecting botnet attacks from security cameras were 87.19%, 89.23%, 87.76%, and 89.64%, with respect to accuracy metrics. Overall, the CNN-LSTM model was successful in detecting botnet attacks from various IoT devices with optimal accuracy.
19
Soe, Yan Naung, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, and Kouichi Sakurai. "Machine Learning-Based IoT-Botnet Attack Detection with Sequential Architecture." Sensors 20, no. 16 (August 5, 2020): 4372. http://dx.doi.org/10.3390/s20164372.
Повний текст джерелаАнотація:
With the rapid development and popularization of Internet of Things (IoT) devices, an increasing number of cyber-attacks are targeting such devices. It was said that most of the attacks in IoT environments are botnet-based attacks. Many security weaknesses still exist on the IoT devices because most of them have not enough memory and computational resource for robust security mechanisms. Moreover, many existing rule-based detection systems can be circumvented by attackers. In this study, we proposed a machine learning (ML)-based botnet attack detection framework with sequential detection architecture. An efficient feature selection approach is adopted to implement a lightweight detection system with a high performance. The overall detection performance achieves around 99% for the botnet attack detection using three different ML algorithms, including artificial neural network (ANN), J48 decision tree, and Naïve Bayes. The experiment result indicates that the proposed architecture can effectively detect botnet-based attacks, and also can be extended with corresponding sub-engines for new kinds of attacks.
20
Nafir, Abdenacer, Smaine Mazouzi, and Salim Chikhi. "Collaborative Life-Cycle-Based Botnet Detection in IoT Using Event Entropy." International Journal of Organizational and Collective Intelligence 10, no. 4 (October 2020): 19–34. http://dx.doi.org/10.4018/ijoci.2020100102.
Повний текст джерелаАнотація:
This paper introduces a collaborative and distributed method for botnet detection in massive networks such as internet of things (IoT) and wide area networks (WAN). The method is model-based and designed as a multi-agent system where the agents are situated on IoT devices. Every agent analyzes the events' entropies, then exchanges its decision with its neighbors aiming at establishing global decision if a botnet is ongoing to be installed within the network or not. Decisions spread over the network where a consensual dominant decision can emerge. In previous similar works, it was necessary to use some central hosts in order to compute global decisions. So, scalability is compromised, and the solution is not suited for massive networks such as IoT. The proposed approach does not require any central control, which allows it to be used in IoT and ad hoc networks. Furthermore, the botnet is detected at the early stage of its life-cycle. Conducted experiments have shown that the proposed approach is well suited for botnet detection in IoT and WAN.
21
Sajjad, Syed Muhammad, Muhammad Rafiq Mufti, Muhammad Yousaf, Waqar Aslam, Reem Alshahrani, Nadhem Nemri, Humaira Afzal, Muhammad Asghar Khan, and Chien-Ming Chen. "Detection and Blockchain-Based Collaborative Mitigation of Internet of Things Botnets." Wireless Communications and Mobile Computing 2022 (April 20, 2022): 1–26. http://dx.doi.org/10.1155/2022/1194899.
Повний текст джерелаАнотація:
DDoS (distributed denial of service) attacks have drastically effected the functioning of Internet-based services in recent years. Following the release of the Mirai botnet source code on GitHub, the scope of these exploitations has grown. The attackers have been able to construct and launch variations of the Mirai botnet thanks to the open-sourcing of the Mirai code. These variants make the signature-based detection of these attacks challenging. Moreover, DDoS attacks are typically detected and mitigated reactively, making DDoS mitigation solutions very expensive. This paper presents a proactive IoT botnet detection system that detects the anomalies in the behavior of the IoT device and mitigates the DDoS botnet exploitation at the source end, which makes our proposal a low-cost solution. Further, this paper uses a collaborative trust relationship-based threat intelligence-sharing mechanism to prevent other IoT devices from being compromised by the detected botnet. The researchers have evaluated the collaborative threat intelligence sharing mechanism using Ethereum Virtual Machine and Hyperledger. The performance of our proposed system can detect 97% of the Mirai botnet attack activities. Furthermore, our collaborative threat intelligence sharing mechanism based on the Ethereum Virtual Machine showed more scalability.
22
Alissa, Khalid, Tahir Alyas, Kashif Zafar, Qaiser Abbas, Nadia Tabassum, and Shadman Sakib. "Botnet Attack Detection in IoT Using Machine Learning." Computational Intelligence and Neuroscience 2022 (October 4, 2022): 1–14. http://dx.doi.org/10.1155/2022/4515642.
Повний текст джерелаАнотація:
There are an increasing number of Internet of Things (IoT) devices connected to the network these days, and due to the advancement in technology, the security threads and cyberattacks, such as botnets, are emerging and evolving rapidly with high-risk attacks. These attacks disrupt IoT transition by disrupting networks and services for IoT devices. Many recent studies have proposed ML and DL techniques for detecting and classifying botnet attacks in the IoT environment. This study proposes machine learning methods for classifying binary classes. This purpose is served by using the publicly available dataset UNSW-NB15. This dataset resolved a class imbalance problem using the SMOTE-OverSampling technique. A complete machine learning pipeline was proposed, including exploratory data analysis, which provides detailed insights into the data, followed by preprocessing. During this process, the data passes through six fundamental steps. A decision tree, an XgBoost model, and a logistic regression model are proposed, trained, tested, and evaluated on the dataset. In addition to model accuracy, F1-score, recall, and precision are also considered. Based on all experiments, it is concluded that the decision tree outperformed with 94% test accuracy.
23
Afrifa, Stephen, Vijayakumar Varadarajan, Peter Appiahene, Tao Zhang, and Emmanuel Adjei Domfeh. "Ensemble Machine Learning Techniques for Accurate and Efficient Detection of Botnet Attacks in Connected Computers." Eng 4, no. 1 (February 16, 2023): 650–64. http://dx.doi.org/10.3390/eng4010039.
Повний текст джерелаАнотація:
The transmission of information, ideas, and thoughts requires communication, which is a crucial component of human contact. The utilization of Internet of Things (IoT) devices is a result of the advent of enormous volumes of messages delivered over the internet. The IoT botnet assault, which attempts to perform genuine, lucrative, and effective cybercrimes, is one of the most critical IoT dangers. To identify and prevent botnet assaults on connected computers, this study uses both quantitative and qualitative approaches. This study employs three basic machine learning (ML) techniques—random forest (RF), decision tree (DT), and generalized linear model (GLM)—and a stacking ensemble model to detect botnets in computer network traffic. The results reveled that random forest attained the best performance with a coefficient of determination (R2) of 0.9977, followed by decision tree with an R2 of 0.9882, while GLM was the worst among the basic machine learning models with an R2 of 0.9522. Almost all ML models achieved satisfactory performance, with an R2 above 0.93. Overall, the stacking ensemble model obtained the best performance, with a root mean square error (RMSE) of 0.0084 m, a mean absolute error (MAE) of 0.0641 m, and an R2 of 0.9997. Regarding the stacking ensemble model as compared with the single machine learning models, the R2 of the stacking ensemble machine learning increased by 0.2% compared to the RF, 1.15% compared to the DT, and 3.75% compared to the GLM, while RMSE decreased by approximately 0.15% compared to the GLM, DT, and RF single machine learning techniques. Furthermore, this paper suggests best practices for preventing botnet attacks. Businesses should make major investments to combat botnets. This work contributes to knowledge by presenting a novel method for detecting botnet assaults using an artificial-intelligence-powered solution with real-time behavioral analysis. This study can assist companies, organizations, and government bodies in making informed decisions for a safer network that will increase productivity.
24
Hussain, Zeeshan, Adnan Akhunzada, Javed Iqbal, Iram Bibi, and Abdullah Gani. "Secure IIoT-Enabled Industry 4.0." Sustainability 13, no. 22 (November 10, 2021): 12384. http://dx.doi.org/10.3390/su132212384.
Повний текст джерелаАнотація:
The Industrial Internet of things (IIoT) is the main driving force behind smart manufacturing, industrial automation, and industry 4.0. Conversely, industrial IoT as the evolving technological paradigm is also becoming a compelling target for cyber adversaries. Particularly, advanced persistent threats (APT) and especially botnets are the foremost promising and potential attacks that may throw the complete industrial IoT network into chaos. IIoT-enabled botnets are highly scalable, technologically diverse, and highly resilient to classical and conventional detection mechanisms. Subsequently, we propose a deep learning (DL)-enabled novel hybrid architecture that can efficiently and timely tackle distributed, multivariant, lethal botnet attacks in industrial IoT. The proposed approach is thoroughly evaluated on a current state-of-the-art, publicly available dataset using standard performance evaluation metrics. Moreover, our proposed technique has been precisely verified with our constructed hybrid DL-enabled architectures and current benchmark DL algorithms. Our devised mechanism shows promising results in terms of high detection accuracy with a trivial trade-off in speed efficiency, assuring the proposed scheme as an optimal and legitimate cyber defense in prevalent IIoTs. Besides, we have cross-validated our results to show utterly unbiased performance.
25
M. Ali Alheeti, Khattab, Ibrahim Alsukayti, and Mohammed Alreshoodi. "Intelligent Botnet Detection Approach in Modern Applications." International Journal of Interactive Mobile Technologies (iJIM) 15, no. 16 (August 23, 2021): 113. http://dx.doi.org/10.3991/ijim.v15i16.24199.
Повний текст джерелаАнотація:
<p class="0abstract">Innovative applications are employed to enhance human-style life. The Internet of Things (IoT) is recently utilized in designing these environments. Therefore, security and privacy are considered essential parts to deploy and successful intelligent environments. In addition, most of the protection systems of IoT are vulnerable to various types of attacks. Hence, intrusion detection systems (IDS) have become crucial requirements for any modern design. In this paper, a new detection system is proposed to secure sensitive information of IoT devices. However, it is heavily based on deep learning networks. The protection system can provide a secure environment for IoT. To prove the efficiency of the proposed approach, the system was tested by using two datasets; normal and fuzzification datasets. The accuracy rate in the case of the normal testing dataset was 99.30%, while was 99.42% for the fuzzification testing dataset. The experimental results of the proposed system reflect its robustness, reliability, and efficiency.</p>
26
Al-Sarem, Mohammed, Faisal Saeed, Eman H. Alkhammash, and Norah Saleh Alghamdi. "An Aggregated Mutual Information Based Feature Selection with Machine Learning Methods for Enhancing IoT Botnet Attack Detection." Sensors 22, no. 1 (December 28, 2021): 185. http://dx.doi.org/10.3390/s22010185.
Повний текст джерелаАнотація:
Due to the wide availability and usage of connected devices in Internet of Things (IoT) networks, the number of attacks on these networks is continually increasing. A particularly serious and dangerous type of attack in the IoT environment is the botnet attack, where the attackers can control the IoT systems to generate enormous networks of “bot” devices for generating malicious activities. To detect this type of attack, several Intrusion Detection Systems (IDSs) have been proposed for IoT networks based on machine learning and deep learning methods. As the main characteristics of IoT systems include their limited battery power and processor capacity, maximizing the efficiency of intrusion detection systems for IoT networks is still a research challenge. It is important to provide efficient and effective methods that use lower computational time and have high detection rates. This paper proposes an aggregated mutual information-based feature selection approach with machine learning methods to enhance detection of IoT botnet attacks. In this study, the N-BaIoT benchmark dataset was used to detect botnet attack types using real traffic data gathered from nine commercial IoT devices. The dataset includes binary and multi-class classifications. The feature selection method incorporates Mutual Information (MI) technique, Principal Component Analysis (PCA) and ANOVA f-test at finely-granulated detection level to select the relevant features for improving the performance of IoT Botnet classifiers. In the classification step, several ensemble and individual classifiers were used, including Random Forest (RF), XGBoost (XGB), Gaussian Naïve Bayes (GNB), k-Nearest Neighbor (k-NN), Logistic Regression (LR) and Support Vector Machine (SVM). The experimental results showed the efficiency and effectiveness of the proposed approach, which outperformed other techniques using various evaluation metrics.
27
Shao, Zhou, Sha Yuan, and Yongli Wang. "Adaptive online learning for IoT botnet detection." Information Sciences 574 (October 2021): 84–95. http://dx.doi.org/10.1016/j.ins.2021.05.076.
Повний текст джерела
28
Jung, Woosub, Hongyang Zhao, Minglong Sun, and Gang Zhou. "IoT botnet detection via power consumption modeling." Smart Health 15 (March 2020): 100103. http://dx.doi.org/10.1016/j.smhl.2019.100103.
Повний текст джерела
29
Tatarnikova, T. M., I. A. Sikarev, P. Yu Bogdanov, and T. V. Timochkina. "Botnet Attack Detection Approach in IoT Networks." Automatic Control and Computer Sciences 56, no. 8 (December 2022): 838–46. http://dx.doi.org/10.3103/s0146411622080259.
Повний текст джерела
30
Kim, Jiyeon, Minsun Shim, Seungah Hong, Yulim Shin, and Eunjung Choi. "Intelligent Detection of IoT Botnets Using Machine Learning and Deep Learning." Applied Sciences 10, no. 19 (October 8, 2020): 7009. http://dx.doi.org/10.3390/app10197009.
Повний текст джерелаАнотація:
As the number of Internet of Things (IoT) devices connected to the network rapidly increases, network attacks such as flooding and Denial of Service (DoS) are also increasing. These attacks cause network disruption and denial of service to IoT devices. However, a large number of heterogenous devices deployed in the IoT environment make it difficult to detect IoT attacks using traditional rule-based security solutions. It is challenging to develop optimal security models for each type of the device. Machine learning (ML) is an alternative technique that allows one to develop optimal security models based on empirical data from each device. We employ the ML technique for IoT attack detection. We focus on botnet attacks targeting various IoT devices and develop ML-based models for each type of device. We use the N-BaIoT dataset generated by injecting botnet attacks (Bashlite and Mirai) into various types of IoT devices, including a Doorbell, Baby Monitor, Security Camera, and Webcam. We develop a botnet detection model for each device using numerous ML models, including deep learning (DL) models. We then analyze the effective models with a high detection F1-score by carrying out multiclass classification, as well as binary classification, for each model.
31
Apostol, Ioana, Marius Preda, Constantin Nila, and Ion Bica. "IoT Botnet Anomaly Detection Using Unsupervised Deep Learning." Electronics 10, no. 16 (August 4, 2021): 1876. http://dx.doi.org/10.3390/electronics10161876.
Повний текст джерелаАнотація:
The Internet of Things has become a cutting-edge technology that is continuously evolving in size, connectivity, and applicability. This ecosystem makes its presence felt in every aspect of our lives, along with all other emerging technologies. Unfortunately, despite the significant benefits brought by the IoT, the increased attack surface built upon it has become more critical than ever. Devices have limited resources and are not typically created with security features. Lately, a trend of botnet threats transitioning to the IoT environment has been observed, and an army of infected IoT devices can expand quickly and be used for effective attacks. Therefore, identifying proper solutions for securing IoT systems is currently an important and challenging research topic. Machine learning-based approaches are a promising alternative, allowing the identification of abnormal behaviors and the detection of attacks. This paper proposes an anomaly-based detection solution that uses unsupervised deep learning techniques to identify IoT botnet activities. An empirical evaluation of the proposed method is conducted on both balanced and unbalanced datasets to assess its threat detection capability. False-positive rate reduction and its impact on the detection system are also analyzed. Furthermore, a comparison with other unsupervised learning approaches is included. The experimental results reveal the performance of the proposed detection method.
32
Lee, Seungjin, Azween Abdullah, Nz Jhanjhi, and Sh Kok. "Classification of botnet attacks in IoT smart factory using honeypot combined with machine learning." PeerJ Computer Science 7 (January 25, 2021): e350. http://dx.doi.org/10.7717/peerj-cs.350.
Повний текст джерелаАнотація:
The Industrial Revolution 4.0 began with the breakthrough technological advances in 5G, and artificial intelligence has innovatively transformed the manufacturing industry from digitalization and automation to the new era of smart factories. A smart factory can do not only more than just produce products in a digital and automatic system, but also is able to optimize the production on its own by integrating production with process management, service distribution, and customized product requirement. A big challenge to the smart factory is to ensure that its network security can counteract with any cyber attacks such as botnet and Distributed Denial of Service, They are recognized to cause serious interruption in production, and consequently economic losses for company producers. Among many security solutions, botnet detection using honeypot has shown to be effective in some investigation studies. It is a method of detecting botnet attackers by intentionally creating a resource within the network with the purpose of closely monitoring and acquiring botnet attacking behaviors. For the first time, a proposed model of botnet detection was experimented by combing honeypot with machine learning to classify botnet attacks. A mimicking smart factory environment was created on IoT device hardware configuration. Experimental results showed that the model performance gave a high accuracy of above 96%, with very fast time taken of just 0.1 ms and false positive rate at 0.24127 using random forest algorithm with Weka machine learning program. Hence, the honeypot combined machine learning model in this study was proved to be highly feasible to apply in the security network of smart factory to detect botnet attacks.
33
Malik, Kainat, Faisal Rehman, Tahir Maqsood, Saad Mustafa, Osman Khalid, and Adnan Akhunzada. "Lightweight Internet of Things Botnet Detection Using One-Class Classification." Sensors 22, no. 10 (May 10, 2022): 3646. http://dx.doi.org/10.3390/s22103646.
Повний текст джерелаАнотація:
Like smart phones, the recent years have seen an increased usage of internet of things (IoT) technology. IoT devices, being resource constrained due to smaller size, are vulnerable to various security threats. Recently, many distributed denial of service (DDoS) attacks generated with the help of IoT botnets affected the services of many websites. The destructive botnets need to be detected at the early stage of infection. Machine-learning models can be utilized for early detection of botnets. This paper proposes one-class classifier-based machine-learning solution for the detection of IoT botnets in a heterogeneous environment. The proposed one-class classifier, which is based on one-class KNN, can detect the IoT botnets at the early stage with high accuracy. The proposed machine-learning-based model is a lightweight solution that works by selecting the best features leveraging well-known filter and wrapper methods for feature selection. The proposed strategy is evaluated over different datasets collected from varying network scenarios. The experimental results reveal that the proposed technique shows improved performance, consistent across three different datasets used for evaluation.
34
Alothman, Zainab, Mouhammd Alkasassbeh, and Sherenaz Al-Haj Baddar. "An efficient approach to detect IoT botnet attacks using machine learning." Journal of High Speed Networks 26, no. 3 (November 27, 2020): 241–54. http://dx.doi.org/10.3233/jhs-200641.
Повний текст джерелаАнотація:
The numerous security loopholes in the design and implementation of many IoT devices have rendered them an easy target for botnet attacks. Several approaches to implement behavioral IoT botnet attacks detection have been explored, including machine learning. The main goal of previous studies was to achieve the highest possible accuracy in distinguishing normal from malicious IoT traffic, with minimal regard to the identification of the particular type of attack that is being launched. In this study, we present a machine learning based approach for detecting IoT botnet attacks that not only helps distinguish normal from malicious traffic, but also detects the type of the IoT botnet attack. To achieve this goal, the Bot-IoT dataset, in which instances have main attack and sub-attack categories, was utilized after performing the Synthetic Minority Over-sampling Technique (SMOTE), among other preprocessing techniques. Moreover, multiple classifiers were tested and the results from the best three, namely: J48, Random Forest (RF), and Multilayer Perceptron (MLP) networks were reported. The results showed the superiority of the RF and J48 classifiers compared to the MLP networks and other state-of-the-art solutions. The accuracy of the best binary classifier reported in this study reached 0.999, whereas the best accuracies of main attack and subcategories classifications reached 0.96 and 0.93, respectively. Only few studies address the classification errors in this domain, yet, it was assessed in this study in terms of False Negative (FN) rates. J48 and RF classifiers, here also, outperformed the MLP network classifier, and achieved a maximum micro FN rate for subcategories classification of 0.076.
35
Swathi, G. Chandana, G. Kishor Kumar, and A. P. Siva Kumar. "Central Pivot Heuristics for Botnet Attack Defense in Iot." International Journal on Recent and Innovation Trends in Computing and Communication 10, no. 10 (October 31, 2022): 78–90. http://dx.doi.org/10.17762/ijritcc.v10i10.5738.
Повний текст джерелаАнотація:
Botnet assaults on IoT systems have become a big issue, and several strategies for botnet protection have been investigated by the academic and industry communities. While many of these methods are practical and effective for botnet attack prevention, one of the important limits is the load factor on the servers that manage monitoring and control in addition to catering to client system requests. To address load factor difficulties, the focus of this study report is on the conditions of installing a four-layer security control system based on the notion of central pivot points. Inspired by the effective and systematic Markov Chains concept, this publication proposes a four-layer filtering model that shows if botnet detection and prevention methods for servers are required. The model's simulated experimental study demonstrates the potential scope of deploying the system. The study also highlights the future possibilities of model improvisation that can reduce any erroneous signal production that is judged necessary.
36
Lee, Seungjin, Azween Abdullah, N. Z. Jhanjhi, and S. H. Kok. "Honeypot Coupled Machine Learning Model for Botnet Detection and Classification in IoT Smart Factory – An Investigation." MATEC Web of Conferences 335 (2021): 04003. http://dx.doi.org/10.1051/matecconf/202133504003.
Повний текст джерелаАнотація:
In the United States, the manufacturing ecosystem is rebuilt and developed through innovation with the promotion of AMP 2.0. For this reason, the industry has spurred the development of 5G, Artificial Intelligence (AI), and Machine Learning (ML) technologies which is being applied on the smart factories to integrate production process management, product service and distribution, collaboration, and customized production requirements. These smart factories need to effectively solve security problems with a high detection rate for a smooth operation. However, number of security related cases occurring in the smart factories has been increasing due to botnet Distributed Denial of Service (DDoS) attacks that threaten the network security operated on the Internet of Things (IoT) platform. Against botnet attacks, security network of the smart factory must improve its defensive capability. Among many security solutions, botnet detection using honeypot has been shown to be effective in early studies. In order to solve the problem of closely monitoring and acquiring botnet attack behaviour, honeypot is a method to detect botnet attackers by intentionally creating resources within the network. As a result, the traced content is recorded in a log file. In addition, these log files are classified quickly with high accuracy with a support of machine learning operation. Hence, productivity is increase, while stability of the smart factory is reinforced. In this study, a botnet detection model was proposed by combining honeypot with machine learning, specifically designed for smart factories. The investigation was carried out in a hardware configuration virtually mimicking a smart factory environment.
37
Alzahrani, Rami J., and Ahmed Alzahrani. "A Novel Multi Algorithm Approach to Identify Network Anomalies in the IoT Using Fog Computing and a Model to Distinguish between IoT and Non-IoT Devices." Journal of Sensor and Actuator Networks 12, no. 2 (February 28, 2023): 19. http://dx.doi.org/10.3390/jsan12020019.
Повний текст джерелаАнотація:
Botnet attacks, such as DDoS, are one of the most common types of attacks in IoT networks. A botnet is a collection of cooperated computing machines or Internet of Things gadgets that criminal users manage remotely. Several strategies have been developed to reduce anomalies in IoT networks, such as DDoS. To increase the accuracy of the anomaly mitigation system and lower the false positive rate (FPR), some schemes use statistical or machine learning methodologies in the anomaly-based intrusion detection system (IDS) to mitigate an attack. Despite the proposed anomaly mitigation techniques, the mitigation of DDoS attacks in IoT networks remains a concern. Because of the similarity between DDoS and normal network flows, leading to problems such as a high FPR, low accuracy, and a low detection rate, the majority of anomaly mitigation methods fail. Furthermore, the limited resources in IoT devices make it difficult to implement anomaly mitigation techniques. In this paper, an efficient anomaly mitigation system has been developed for the IoT network through the design and implementation of a DDoS attack detection system that uses a statistical method that combines three algorithms: exponentially weighted moving average (EWMA), K-nearest neighbors (KNN), and the cumulative sum algorithm (CUSUM). The integration of fog computing with the Internet of Things has created an effective framework for implementing an anomaly mitigation strategy to address security issues such as botnet threats. The proposed module was evaluated using the Bot-IoT dataset. From the results, we conclude that our model has achieved a high accuracy (99.00%) with a low false positive rate (FPR). We have also achieved good results in distinguishing between IoT and non-IoT devices, which will help networking teams make the distinction as well.
38
Al-Kasassbeh, Mouhammd, Mohammad Almseidin, Khaled Alrfou, and Szilveszter Kovacs. "Detection of IoT-botnet attacks using fuzzy rule interpolation." Journal of Intelligent & Fuzzy Systems 39, no. 1 (July 17, 2020): 421–31. http://dx.doi.org/10.3233/jifs-191432.
Повний текст джерела
39
Nguyen, Giang L., Braulio Dumba, Quoc-Dung Ngo, Hai-Viet Le, and Tu N. Nguyen. "A collaborative approach to early detection of IoT Botnet." Computers & Electrical Engineering 97 (January 2022): 107525. http://dx.doi.org/10.1016/j.compeleceng.2021.107525.
Повний текст джерела
40
Nguyen, Huy-Trung, Quoc-Dung Ngo, and Van-Hoang Le. "A novel graph-based approach for IoT botnet detection." International Journal of Information Security 19, no. 5 (October 23, 2019): 567–77. http://dx.doi.org/10.1007/s10207-019-00475-6.
Повний текст джерела
41
Abu Khurma, Ruba, Iman Almomani, and Ibrahim Aljarah. "IoT Botnet Detection Using Salp Swarm and Ant Lion Hybrid Optimization Model." Symmetry 13, no. 8 (July 28, 2021): 1377. http://dx.doi.org/10.3390/sym13081377.
Повний текст джерелаАнотація:
In the last decade, the devices and appliances utilizing the Internet of Things (IoT) have expanded tremendously, which has led to revolutionary developments in the network industry. Smart homes and cities, wearable devices, traffic monitoring, health systems, and energy savings are typical IoT applications. The diversity in IoT standards, protocols, and computational resources makes them vulnerable to security attackers. Botnets are challenging security threats in IoT devices that cause severe Distributed Denial of Service (DDoS) attacks. Intrusion detection systems (IDS) are necessary for safeguarding Internet-connected frameworks and enhancing insufficient traditional security countermeasures, including authentication and encryption techniques. This paper proposes a wrapper feature selection model (SSA–ALO) by hybridizing the salp swarm algorithm (SSA) and ant lion optimization (ALO). The new model can be integrated with IDS components to handle the high-dimensional space problem and detect IoT attacks with superior efficiency. The experiments were performed using the N-BaIoT benchmark dataset, which was downloaded from the UCI repository. This dataset consists of nine datasets that represent real IoT traffic. The experimental results reveal the outperformance of SSA–ALO compared to existing related approaches using the following evaluation measures: TPR (true positive rate), FPR (false positive rate), G-mean, processing time, and convergence curves. Therefore, the proposed SSA–ALO model can serve IoT applications by detecting intrusions with high true positive rates that reach 99.9% and with a minimal delay even in imbalanced intrusion families.
42
de Caldas Filho, Francisco Lopes, Samuel Carlos Meneses Soares, Elder Oroski, Robson de Oliveira Albuquerque, Rafael Zerbini Alves da Mata, Fábio Lúcio Lopes de Mendonça, and Rafael Timóteo de Sousa Júnior. "Botnet Detection and Mitigation Model for IoT Networks Using Federated Learning." Sensors 23, no. 14 (July 11, 2023): 6305. http://dx.doi.org/10.3390/s23146305.
Повний текст джерелаАнотація:
The Internet of Things (IoT) introduces significant security vulnerabilities, raising concerns about cyber-attacks. Attackers exploit these vulnerabilities to launch distributed denial-of-service (DDoS) attacks, compromising availability and causing financial damage to digital infrastructure. This study focuses on mitigating DDoS attacks in corporate local networks by developing a model that operates closer to the attack source. The model utilizes Host Intrusion Detection Systems (HIDS) to identify anomalous behaviors in IoT devices and employs network-based intrusion detection approaches through a Network Intrusion Detection System (NIDS) for comprehensive attack identification. Additionally, a Host Intrusion Detection and Prevention System (HIDPS) is implemented in a fog computing infrastructure for real-time and precise attack detection. The proposed model integrates NIDS with federated learning, allowing devices to locally analyze their data and contribute to the detection of anomalous traffic. The distributed architecture enhances security by preventing volumetric attack traffic from reaching internet service providers and destination servers. This research contributes to the advancement of cybersecurity in local network environments and strengthens the protection of IoT networks against malicious traffic. This work highlights the efficiency of using a federated training and detection procedure through deep learning to minimize the impact of a single point of failure (SPOF) and reduce the workload of each device, thus achieving accuracy of 89.753% during detection and increasing privacy issues in a decentralized IoT infrastructure with a near-real-time detection and mitigation system.
43
Catillo, Marta, Antonio Pecchia, and Umberto Villano. "A Deep Learning Method for Lightweight and Cross-Device IoT Botnet Detection." Applied Sciences 13, no. 2 (January 7, 2023): 837. http://dx.doi.org/10.3390/app13020837.
Повний текст джерелаАнотація:
Ensuring security of Internet of Things (IoT) devices in the face of threats and attacks is a primary concern. IoT plays an increasingly key role in cyber–physical systems. Many existing intrusion detection systems (IDS) proposals for the IoT leverage complex machine learning architectures, which often provide one separate model per device or per attack. These solutions are not suited to the scale and dynamism of modern IoT networks. This paper proposes a novel IoT-driven cross-device method, which allows learning a single IDS model instead of many separate models atop the traffic of different IoT devices. A semi-supervised approach is adopted due to its wider applicability for unanticipated attacks. The solution is based on an all-in-one deep autoencoder, which consists of training a single deep neural network with the normal traffic from different IoT devices. Extensive experimentation performed with a widely used benchmarking dataset indicates that the all-in-one approach achieves within 0.9994–0.9997 recall, 0.9999–1.0 precision, 0.0–0.0071 false positive rate and 0.9996–0.9998 F1 score, depending on the device. The results obtained demonstrate the validity of the proposal, which represents a lightweight and device-independent solution with considerable advantages in terms of transferability and adaptability.
44
Faysal, Jabed Al, Sk Tahmid Mostafa, Jannatul Sultana Tamanna, Khondoker Mirazul Mumenin, Md Mashrur Arifin, Md Abdul Awal, Atanu Shome, and Sheikh Shanawaz Mostafa. "XGB-RF: A Hybrid Machine Learning Approach for IoT Intrusion Detection." Telecom 3, no. 1 (January 4, 2022): 52–69. http://dx.doi.org/10.3390/telecom3010003.
Повний текст джерелаАнотація:
In the past few years, Internet of Things (IoT) devices have evolved faster and the use of these devices is exceedingly increasing to make our daily activities easier than ever. However, numerous security flaws persist on IoT devices due to the fact that the majority of them lack the memory and computing resources necessary for adequate security operations. As a result, IoT devices are affected by a variety of attacks. A single attack on network systems or devices can lead to significant damages in data security and privacy. However, machine-learning techniques can be applied to detect IoT attacks. In this paper, a hybrid machine learning scheme called XGB-RF is proposed for detecting intrusion attacks. The proposed hybrid method was applied to the N-BaIoT dataset containing hazardous botnet attacks. Random forest (RF) was used for the feature selection and eXtreme Gradient Boosting (XGB) classifier was used to detect different types of attacks on IoT environments. The performance of the proposed XGB-RF scheme is evaluated based on several evaluation metrics and demonstrates that the model successfully detects 99.94% of the attacks. After comparing it with state-of-the-art algorithms, our proposed model has achieved better performance for every metric. As the proposed scheme is capable of detecting botnet attacks effectively, it can significantly contribute to reducing the security concerns associated with IoT systems.
45
Myridakis, Dimitrios, Stefanos Papafotikas, Konstantinos Kalovrektis, and Athanasios Kakarountas. "Enhancing Security on IoT Devices via Machine Learning on Conditional Power Dissipation." Electronics 9, no. 11 (October 29, 2020): 1799. http://dx.doi.org/10.3390/electronics9111799.
Повний текст джерелаАнотація:
The rapid development of connected devices and the sensitive data, which they produce, is a major challenge for manufacturers seeking to fully protect their devices from attack. Consumers expect their IoT devices and data to be adequately protected against a wide range of vulnerabilities and exploits. Successful attacks target IoT devices, cause security problems, and pose new challenges. Successful attacks from botnets residing on mastered IoT devices increase significantly in number and the severity of the damage they cause is similar to that of a war. The characteristics of attacks vary widely from attack to attack and from time to time. The warnings about the severity of the attacks indicate that there is a need for solutions to address the attacks from birth. In addition, there is a need to quarantine infected IoT devices, preventing the spread of the virus and thus the formation of the botnet. This work introduces the exploitation of side-channel attack techniques to protect the low-cost smart devices intuitively, and integrates a machine learning-based algorithm for Intrusion Detection, exploiting current supply characteristic dissipation. The results of this work showed successful detection of abnormal behavior of smart IoT devices.
46
AL-Akhras, Mousa, Abdulmajeed Alshunaybir, Hani Omar, and Samah Alhazmi. "Botnet attacks detection in IoT environment using machine learning techniques." International Journal of Data and Network Science 7, no. 4 (2023): 1683–706. http://dx.doi.org/10.5267/j.ijdns.2023.7.021.
Повний текст джерелаАнотація:
IoT devices with weak security designs are a serious threat to organizations. They are the building blocks of Botnets, the platforms that launch organized attacks that are capable of shutting down an entire infrastructure. Researchers have been developing IDS solutions that can counter such threats, often by employing innovation from other disciplines like artificial intelligence and machine learning. One of the issues that may be encountered when machine learning is used is dataset purity. Since they are not captured from perfect environments, datasets may contain data that could affect the machine learning process, negatively. Algorithms already exist for such problems. Repeated Edited Nearest Neighbor (RENN), Encoding Length (Explore), and Decremental Reduction Optimization Procedure 5 (DROP5) algorithm can filter noises out of datasets. They also provide other benefits such as instance reduction which could help reduce larger Botnet datasets, without sacrificing their quality. Three datasets were chosen in this study to construct an IDS: IoTID20, N-BaIoT and MedBIoT. The filtering algorithms, RENN, Explore, and DROP5 were used on them to filter noise and reduce instances. Noise was also injected and filtered again to assess the resilience of these filters. Then feature optimizations were used to shrink the dataset features. Finally, machine learning was applied on the processed dataset and the resulting IDS was evaluated with the standard supervised learning metrics: Accuracy, Precision, Recall, Specificity, F-Score and G-Mean. Results showed that RENN and DROP5 filtering delivered excellent results. DROP5, in particular, managed to reduce the dataset substantially without sacrificing accuracy. However, when noise got injected, the DROP5 accuracy went down and could not keep up. Of the three dataset, N-BaIoT delivers the best accuracy overall across the learning techniques.
47
Kerrakchou, Imane, Adil Abou El Hassan, Sara Chadli, Mohamed Emharraf, and Mohammed Saber. "Selection of efficient machine learning algorithm on Bot-IoT dataset for intrusion detection in internet of things networks." Indonesian Journal of Electrical Engineering and Computer Science 31, no. 3 (September 1, 2023): 1784. http://dx.doi.org/10.11591/ijeecs.v31.i3.pp1784-1793.
Повний текст джерелаАнотація:
With the growth of internet of things (IoT) systems, they have become the target of malicious third parties. In order to counter this issue, realistic investigation and protection countermeasures must be evolved. These countermeasures comprise network forensics and network intrusion detection systems. To this end, a well-organized and representative data set is a crucial element in training and validating the system's credibility. In spite of the existence of multiple networks, there is usually little information provided about the botnet scenarios used. This article provides the Bot-IoT dataset that embeds traces of both legitimate and simulated IoT networks as well as several types of the attacks. It provides also a realistic test environment to address the drawbacks of existing datasets, namely capturing complete network information, precise labeling, and a variety of recent and complex attacks. Finally, this work evaluates the confidence of the Bot-IoT dataset by utilizing a variety of machine learning and statistical methods. This work will provide a foundation to enable botnet identification on IoT-specific networks.
48
Trajanovski, Tolijan, and Ning Zhang. "An Automated and Comprehensive Framework for IoT Botnet Detection and Analysis (IoT-BDA)." IEEE Access 9 (2021): 124360–83. http://dx.doi.org/10.1109/access.2021.3110188.
Повний текст джерела
49
Popoola, Segun I., Bamidele Adebisi, Ruth Ande, Mohammad Hammoudeh, Kelvin Anoh, and Aderemi A. Atayero. "SMOTE-DRNN: A Deep Learning Algorithm for Botnet Detection in the Internet-of-Things Networks." Sensors 21, no. 9 (April 24, 2021): 2985. http://dx.doi.org/10.3390/s21092985.
Повний текст джерелаАнотація:
Nowadays, hackers take illegal advantage of distributed resources in a network of computing devices (i.e., botnet) to launch cyberattacks against the Internet of Things (IoT). Recently, diverse Machine Learning (ML) and Deep Learning (DL) methods were proposed to detect botnet attacks in IoT networks. However, highly imbalanced network traffic data in the training set often degrade the classification performance of state-of-the-art ML and DL models, especially in classes with relatively few samples. In this paper, we propose an efficient DL-based botnet attack detection algorithm that can handle highly imbalanced network traffic data. Specifically, Synthetic Minority Oversampling Technique (SMOTE) generates additional minority samples to achieve class balance, while Deep Recurrent Neural Network (DRNN) learns hierarchical feature representations from the balanced network traffic data to perform discriminative classification. We develop DRNN and SMOTE-DRNN models with the Bot-IoT dataset, and the simulation results show that high-class imbalance in the training data adversely affects the precision, recall, F1 score, area under the receiver operating characteristic curve (AUC), geometric mean (GM) and Matthews correlation coefficient (MCC) of the DRNN model. On the other hand, the SMOTE-DRNN model achieved better classification performance with 99.50% precision, 99.75% recall, 99.62% F1 score, 99.87% AUC, 99.74% GM and 99.62% MCC. Additionally, the SMOTE-DRNN model outperformed state-of-the-art ML and DL models.
50
Negera, Worku Gachena, Friedhelm Schwenker, Taye Girma Debelee, Henock Mulugeta Melaku, and Degaga Wolde Feyisa. "Lightweight Model for Botnet Attack Detection in Software Defined Network-Orchestrated IoT." Applied Sciences 13, no. 8 (April 7, 2023): 4699. http://dx.doi.org/10.3390/app13084699.
Повний текст джерелаАнотація:
The Internet of things (IoT) is being used in a variety of industries, including agriculture, the military, smart cities and smart grids, and personalized health care. It is also being used to control critical infrastructure. Nevertheless, because the IoT lacks security procedures and lack the processing power to execute computationally costly antimalware apps, they are susceptible to malware attacks. In addition, the conventional method by which malware-detection mechanisms identify a threat is through known malware fingerprints stored in their database. However, with the ever-evolving and drastic increase in malware threats in the IoT, it is not enough to have traditional antimalware software in place, which solely defends against known threats. Consequently, in this paper, a lightweight deep learning model for an SDN-enabled IoT framework that leverages the underlying IoT resource-constrained devices by provisioning computing resources to deploy instant protection against botnet malware attacks is proposed. The proposed model can achieve 99% precision, recall, and F1 score and 99.4% accuracy. The execution time of the model is 0.108 milliseconds with 118 KB size and 19,414 parameters. The proposed model can achieve performance with high accuracy while utilizing fewer computational resources and addressing resource-limitation issues.