Enhancing IoT Botnet Detection through Machine Learning-based Feature Selection and Ensemble Models
Keywords: IoT, Botnet, Botnet Detection, Ensemble Model, Voting Ensemble, AdaBoost, KNN, Bootstrap Aggregation
The expansion of the Internet of Things (IoT) has coincided with an increase in cyberattacks. As more systems are connected, more botnet attacks become possible. Because botnet attacks constantly evolve to exploit security holes and weaknesses in internet traffic and IoT devices, they must be recognized. Voting ensemble (VE), AdaBoost, K-Nearest Neighbour (KNN), and bootstrap aggregation are among the methods used in this work for botnet detection. The study aims first to incorporate feature significance for enhanced efficacy, then to estimate effectiveness in IoT botnet detection using traditional model-based machine learning, and finally to evaluate the outcomes using ensemble models. The results show that applying feature importance increases the effectiveness of ensemble models. The VE algorithm provides the best botnet traffic detection compared to all currently used approaches.
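The pipeline the abstract outlines (rank features by importance, keep the strongest, then classify with a voting ensemble over KNN, AdaBoost and bagging) can be sketched with scikit-learn. This is an added example, not the authors' code: the flow data and feature names are constructed, and the random-forest importance ranking, hard voting and all hyperparameters are assumptions.

```python
import numpy as np
from sklearn.ensemble import (AdaBoostClassifier, BaggingClassifier,
                              RandomForestClassifier, VotingClassifier)
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier

# Constructed flow features (hypothetical names); only the first two carry signal.
FEATURES = ["pkts_per_s", "bytes_per_pkt", "ttl", "src_port_lsb",
            "iat_jitter", "tcp_window", "hour_of_day", "flow_id_hash"]

def make_flows(n=600, seed=0):
    """Synthetic labelled flows: label 1 = botnet, 0 = benign (constructed data)."""
    rng = np.random.default_rng(seed)
    y = rng.integers(0, 2, size=n)
    X = rng.normal(size=(n, len(FEATURES)))   # every column starts as noise
    X[:, 0] += 3.0 * y                         # bots send at a higher packet rate
    X[:, 1] -= 3.0 * y                         # ... with smaller packets
    return X, y

def top_k_features(X_train, y_train, k=2):
    """Rank features by random-forest importance, fitted on training data only."""
    rf = RandomForestClassifier(n_estimators=100, random_state=0).fit(X_train, y_train)
    return sorted(np.argsort(rf.feature_importances_)[::-1][:k].tolist())

def voting_ensemble():
    """Hard-voting ensemble over the three model families named in the abstract."""
    return VotingClassifier(estimators=[
        ("knn", KNeighborsClassifier(n_neighbors=5)),
        ("ada", AdaBoostClassifier(n_estimators=50, random_state=0)),
        ("bag", BaggingClassifier(n_estimators=25, random_state=0)),
    ], voting="hard")

def run(k=2):
    """Return (selected feature names, accuracy on all features, accuracy on selected)."""
    X, y = make_flows()
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=0)
    keep = top_k_features(X_tr, y_tr, k)       # selection never sees the test split
    acc_all = voting_ensemble().fit(X_tr, y_tr).score(X_te, y_te)
    acc_sel = voting_ensemble().fit(X_tr[:, keep], y_tr).score(X_te[:, keep], y_te)
    return [FEATURES[i] for i in keep], acc_all, acc_sel

if __name__ == "__main__":
    names, acc_all, acc_sel = run()
    print("selected:", names)
    print(f"accuracy all features: {acc_all:.3f}  selected only: {acc_sel:.3f}")
```

Fitting the importance ranking on the training split alone keeps the held-out accuracy honest; ranking on the full dataset leaks test information into the feature choice and inflates reported detection rates.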
Copyright (c) 2023 Ravi Sharma, Saika Mohi ud din, Nonita Sharma, Arun Kumar
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
This is an open access article distributed under the terms of the CC BY-NC-SA 4.0, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.