Knox: Lightweight Machine Learning Approaches for Automated Detection of Botnet Attacks

DOI:

https://doi.org/10.4108/eetsis.3997

Keywords:

Machine Learning, Botnet Detection, Internet of Things, Dimensionality Reduction, Data Sampling Techniques, Data streaming, Feature Extraction

Abstract

With advances in technology, the Internet of Things (IoT) has penetrated various domains such as smart buildings, intelligent transportation systems, healthcare, smart parking, air quality monitoring, water contamination identification, and supply chain, owing to its ubiquitous nature. IoT devices periodically collect data and send it to a gateway or server for pre-processing. However, the security offered in IoT devices and gateways is still at a nascent stage. An Intrusion Detection System (IDS) meant for detecting cyber threats on IoT should intercept most threats with minimum latency and yet be lightweight in nature. IoT devices also have a low memory footprint, which makes them resource constrained. This paper presents a framework built using a three-tier IoT architecture that successfully detects most attacks using machine learning approaches with an accuracy of 99%. The machine learning approaches are fed data using Apache Kafka to a REST API. Sampling methods such as undersampling and adaptive synthetic sampling are applied to balance the imbalanced dataset. We examined the robustness of the approach using different samples with varying sizes and varying dimensions. Experimental results show superior performance of random forest over the other approaches in terms of speed and accuracy.

Published

26-09-2023

How to Cite

1. Raj S, Ngangbam B, Mishra S, Gopalasetti V, Bajpai A, Rami Reddy CV. Knox: Lightweight Machine Learning Approaches for Automated Detection of Botnet Attacks. EAI Endorsed Scal Inf Syst [Internet]. 2023 Sep. 26 [cited 2025 Jan. 22];11(1). Available from: https://publications.eai.eu/index.php/sis/article/view/3997