Identification of Botnet Activity in IoT Network Traffic Using Machine Learning

Title: Identification of Botnet Activity in IoT Network Traffic Using Machine Learning
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Hegde, M., Kepnang, G., Mazroei, M. Al, Chavis, J. S., Watkins, L.
Conference Name: 2020 International Conference on Intelligent Data Science Technologies and Applications (IDSTA)
Date Published: November 2020
ISBN Number: 978-1-7281-8376-3
Keywords: anomaly detection, Botnet, botnet activity, Botnet detection, botnets, CIA attacks, Classification algorithms, composability, computer network security, confidentiality integrity and availability attacks, cybersecurity, Deep Learning, deep-learning classifiers, Internet of Things, invasive software, IoT Botnets, IoT devices, IoT network dataset, IoT network traffic, IoT training datasets, learning (artificial intelligence), machine learning, Measurement, Metrics, Neural networks, performance evaluation, probability, pubcrawl, resilience, Resiliency, Smart homes, supervised machine learning, telecommunication traffic

Today our world benefits from Internet of Things (IoT) technology; however, new security problems arise when these IoT devices are introduced into our homes. Because many of these IoT devices have access to the Internet and they have little to no security, they make our smart homes highly vulnerable to compromise. Some of the threats include IoT botnets and generic confidentiality, integrity, and availability (CIA) attacks. Our research explores botnet detection by experimenting with supervised machine learning and deep-learning classifiers. Further, our approach assesses classifier performance on unbalanced datasets that contain benign data, mixed in with small amounts of malicious data. We demonstrate that the classifiers can separate malicious activity from benign activity within a small IoT network dataset. The classifiers can also separate malicious activity from benign activity in increasingly larger datasets. Our experiments have demonstrated incremental improvement in results for (1) accuracy, (2) probability of detection, and (3) probability of false alarm. The best performance results include 99.9% accuracy, 99.8% probability of detection, and 0% probability of false alarm. This paper also demonstrates how the performance of these classifiers increases, as IoT training datasets become larger and larger.

Citation Key: hegde_identification_2020