scholarly journals Intelligent Detection of IoT Botnets Using Machine Learning and Deep Learning

2020 ◽  
Vol 10 (19) ◽  
pp. 7009
Author(s):  
Jiyeon Kim ◽  
Minsun Shim ◽  
Seungah Hong ◽  
Yulim Shin ◽  
Eunjung Choi
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Binary Classification ◽  
Denial Of Service ◽  
Attack Detection ◽  
Detection Model ◽  
Security Models ◽  
Iot Devices ◽  
Effective Models ◽  
Network Disruption

As the number of Internet of Things (IoT) devices connected to the network rapidly increases, network attacks such as flooding and Denial of Service (DoS) are also increasing. These attacks cause network disruption and denial of service to IoT devices. However, a large number of heterogenous devices deployed in the IoT environment make it difficult to detect IoT attacks using traditional rule-based security solutions. It is challenging to develop optimal security models for each type of the device. Machine learning (ML) is an alternative technique that allows one to develop optimal security models based on empirical data from each device. We employ the ML technique for IoT attack detection. We focus on botnet attacks targeting various IoT devices and develop ML-based models for each type of device. We use the N-BaIoT dataset generated by injecting botnet attacks (Bashlite and Mirai) into various types of IoT devices, including a Doorbell, Baby Monitor, Security Camera, and Webcam. We develop a botnet detection model for each device using numerous ML models, including deep learning (DL) models. We then analyze the effective models with a high detection F1-score by carrying out multiclass classification, as well as binary classification, for each model.

scholarly journals Intrusion Detection in IoT Networks Using Deep Learning Algorithm

Information ◽  
2020 ◽  
Vol 11 (5) ◽  
pp. 279 ◽  
Author(s):  
Bambang Susilo ◽  
Riri Fitri Sari
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Learning Strategies ◽  
Learning Algorithm ◽  
Human Life ◽  
Denial Of Service ◽  
The Internet ◽  
Dos Attacks ◽  
Deep Learning Algorithm ◽  
Iot Devices

The internet has become an inseparable part of human life, and the number of devices connected to the internet is increasing sharply. In particular, Internet of Things (IoT) devices have become a part of everyday human life. However, some challenges are increasing, and their solutions are not well defined. More and more challenges related to technology security concerning the IoT are arising. Many methods have been developed to secure IoT networks, but many more can still be developed. One proposed way to improve IoT security is to use machine learning. This research discusses several machine-learning and deep-learning strategies, as well as standard datasets for improving the security performance of the IoT. We developed an algorithm for detecting denial-of-service (DoS) attacks using a deep-learning algorithm. This research used the Python programming language with packages such as scikit-learn, Tensorflow, and Seaborn. We found that a deep-learning model could increase accuracy so that the mitigation of attacks that occur on an IoT network is as effective as possible.

scholarly journals DDoS attack detection using deep learning

2021 ◽  
Vol 10 (2) ◽  
pp. 382
Author(s):  
Thapanarath Khempetch ◽  
Pongpisit Wuttidittachotti
Keyword(s):  
Deep Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Ddos Attack ◽  
Attack Surface ◽  
Iot Devices ◽  
Ddos Attack Detection ◽  
Flow Of Information

<span id="docs-internal-guid-58e12f40-7fff-ea30-01f6-fbbed132b03c"><span>Nowadays, IoT devices are widely used both in daily life and in corporate and industrial environments. The use of these devices has increased dramatically and by 2030 it is estimated that their usage will rise to 125 billion devices causing enormous flow of information. It is likely that it will also increase distributed denial-of-service (DDoS) attack surface. As IoT devices have limited resources, it is impossible to add additional security structures to it. Therefore, the risk of DDoS attacks by malicious people who can take control of IoT devices, remain extremely high. In this paper, we use the CICDDoS2019 dataset as a dataset that has improved the bugs and introducing a new taxonomy for DDoS attacks, including new classification based on flows network. We propose DDoS attack detection using the deep neural network (DNN) and long short-term memory (LSTM) algorithm. Our results show that it can detect more than 99.90% of all three types of DDoS attacks. The results indicate that deep learning is another option for detecting attacks that may cause disruptions in the future.</span></span>

scholarly journals IoT DoS and DDoS Attack Detection using ResNet

2020 ◽  
Author(s):  
Faisal Hussain ◽  
Syed Ghazanfar Abbas ◽  
Muhammad Husnain ◽  
Ubaid U. Fayyaz ◽  
Farrukh Shahzad ◽  
...  
Keyword(s):  
Network Traffic ◽  
State Of The Art ◽  
Binary Classification ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Detection Systems ◽  
Ddos Attack ◽  
Attack Patterns ◽  
Iot Devices

Abstract The network attacks are increasing both in frequency and intensity with the rapid growth of internet of things (IoT) devices. Recently, denial of service (DoS) and distributed denial of service (DDoS) attacks are reported as the most frequent attacks in IoT networks. The traditional security solutions like firewalls, intrusion detection systems, etc., are unable to detect the complex DoS and DDoS attacks since most of them filter the normal and attack traffic based upon the static predefined rules. However, these solutions can become reliable and effective when integrated with artificial intelligence (AI) based techniques. During the last few years, deep learning models especially convolutional neural networks achieved high significance due to their outstanding performance in the image processing field. The potential of these convolutional neural network (CNN) models can be used to efficiently detect the complex DoS and DDoS by converting the network traffic dataset into images. Therefore, in this work, we proposed a methodology to convert the network traffic data into image form and trained a state-of-the-art CNN model, i.e., ResNet over the converted data. The proposed methodology accomplished 99.99\% accuracy for detecting the DoS and DDoS in case of binary classification. Furthermore, the proposed methodology achieved 87\% average precision for recognizing eleven types of DoS and DDoS attack patterns which is 9\% higher as compared to the state-of-the-art.

scholarly journals Monitoring Real Time Security Attacks for IoT Systems Using DevSecOps: A Systematic Literature Review

Information ◽  
2021 ◽  
Vol 12 (4) ◽  
pp. 154
Author(s):  
Ahmed Bahaa ◽  
Ahmed Abdelaziz ◽  
Abdalla Sayed ◽  
Laila Elfangary ◽  
Hanan Fahmy
Keyword(s):  
Machine Learning ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Learning Techniques ◽  
Precise Analysis ◽  
Development Processes ◽  
Iot Devices ◽  
Public Datasets ◽  
The Internet Of Things

In many enterprises and the private sector, the Internet of Things (IoT) has spread globally. The growing number of different devices connected to the IoT and their various protocols have contributed to the increasing number of attacks, such as denial-of-service (DoS) and remote-to-local (R2L) ones. There are several approaches and techniques that can be used to construct attack detection models, such as machine learning, data mining, and statistical analysis. Nowadays, this technique is commonly used because it can provide precise analysis and results. Therefore, we decided to study the previous literature on the detection of IoT attacks and machine learning in order to understand the process of creating detection models. We also evaluated various datasets used for the models, IoT attack types, independent variables used for the models, evaluation metrics for assessment of models, and monitoring infrastructure using DevSecOps pipelines. We found 49 primary studies, and the detection models were developed using seven different types of machine learning techniques. Most primary studies used IoT device testbed datasets, and others used public datasets such as NSL-KDD and UNSW-NB15. When it comes to measuring the efficiency of models, both numerical and graphical measures are commonly used. Most IoT attacks occur at the network layer according to the literature. If the detection models applied DevSecOps pipelines in development processes for IoT devices, they were more secure. From the results of this paper, we found that machine learning techniques can detect IoT attacks, but there are a few issues in the design of detection models. We also recommend the continued use of hybrid frameworks for the improved detection of IoT attacks, advanced monitoring infrastructure configurations using methods based on software pipelines, and the use of machine learning techniques for advanced supervision and monitoring.

scholarly journals An Experimental Analysis of Attack Classification Using Machine Learning in IoT Networks

Sensors ◽  
2021 ◽  
Vol 21 (2) ◽  
pp. 446
Author(s):  
Andrew Churcher ◽  
Rehmat Ullah ◽  
Jawad Ahmad ◽  
Sadaqat ur Rehman ◽  
Fawad Masood ◽  
...  
Keyword(s):  
Machine Learning ◽  
Binary Classification ◽  
Denial Of Service ◽  
Intrusion Detection Systems ◽  
Support Vector ◽  
Distributed Denial Of Service ◽  
Detection Systems ◽  
Iot Devices ◽  
Artificial Neural Network Ann ◽  
Multi Class Classification

In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices. The participating devices in IoT networks can be problematic due to their resource-constrained nature, and integrating security on these devices is often overlooked. This has resulted in attackers having an increased incentive to target IoT devices. As the number of attacks possible on a network increases, it becomes more difficult for traditional intrusion detection systems (IDS) to cope with these attacks efficiently. In this paper, we highlight several machine learning (ML) methods such as k-nearest neighbour (KNN), support vector machine (SVM), decision tree (DT), naive Bayes (NB), random forest (RF), artificial neural network (ANN), and logistic regression (LR) that can be used in IDS. In this work, ML algorithms are compared for both binary and multi-class classification on Bot-IoT dataset. Based on several parameters such as accuracy, precision, recall, F1 score, and log loss, we experimentally compared the aforementioned ML algorithms. In the case of HTTP distributed denial-of-service (DDoS) attack, the accuracy of RF is 99%. Furthermore, other simulation results-based precision, recall, F1 score, and log loss metric reveal that RF outperforms on all types of attacks in binary classification. However, in multi-class classification, KNN outperforms other ML algorithms with an accuracy of 99%, which is 4% higher than RF.

scholarly journals Advancing Stress Detection Methodology with Deep Learning Techniques Targeting UX Evaluation in AAL Scenarios: Applying Embeddings for Categorical Variables

Electronics ◽  
2021 ◽  
Vol 10 (13) ◽  
pp. 1550
Author(s):  
Alexandros Liapis ◽  
Evanthia Faliagka ◽  
Christos P. Antonopoulos ◽  
Georgios Keramidas ◽  
Nikolaos Voros
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
User Experience ◽  
Electrodermal Activity ◽  
Binary Classification ◽  
Research Question ◽  
Classification Problem ◽  
Categorical Variables ◽  
Stress Detection ◽  
Software Failures

Physiological measurements have been widely used by researchers and practitioners in order to address the stress detection challenge. So far, various datasets for stress detection have been recorded and are available to the research community for testing and benchmarking. The majority of the stress-related available datasets have been recorded while users were exposed to intense stressors, such as songs, movie clips, major hardware/software failures, image datasets, and gaming scenarios. However, it remains an open research question if such datasets can be used for creating models that will effectively detect stress in different contexts. This paper investigates the performance of the publicly available physiological dataset named WESAD (wearable stress and affect detection) in the context of user experience (UX) evaluation. More specifically, electrodermal activity (EDA) and skin temperature (ST) signals from WESAD were used in order to train three traditional machine learning classifiers and a simple feed forward deep learning artificial neural network combining continues variables and entity embeddings. Regarding the binary classification problem (stress vs. no stress), high accuracy (up to 97.4%), for both training approaches (deep-learning, machine learning), was achieved. Regarding the stress detection effectiveness of the created models in another context, such as user experience (UX) evaluation, the results were quite impressive. More specifically, the deep-learning model achieved a rather high agreement when a user-annotated dataset was used for validation.

scholarly journals Machine Learning-Based Malicious X.509 Certificates’ Detection

2021 ◽  
Vol 11 (5) ◽  
pp. 2164
Author(s):  
Jiaxin Li ◽  
Zhaoxin Zhang ◽  
Changyong Guo
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Ensemble Learning ◽  
Traffic Analysis ◽  
Learning Models ◽  
Detection Model ◽  
Analysis Tools ◽  
Average Accuracy ◽  
Machine Learning Models

X.509 certificates play an important role in encrypting the transmission of data on both sides under HTTPS. With the popularization of X.509 certificates, more and more criminals leverage certificates to prevent their communications from being exposed by malicious traffic analysis tools. Phishing sites and malware are good examples. Those X.509 certificates found in phishing sites or malware are called malicious X.509 certificates. This paper applies different machine learning models, including classical machine learning models, ensemble learning models, and deep learning models, to distinguish between malicious certificates and benign certificates with Verification for Extraction (VFE). The VFE is a system we design and implement for obtaining plentiful characteristics of certificates. The result shows that ensemble learning models are the most stable and efficient models with an average accuracy of 95.9%, which outperforms many previous works. In addition, we obtain an SVM-based detection model with an accuracy of 98.2%, which is the highest accuracy. The outcome indicates the VFE is capable of capturing essential and crucial characteristics of malicious X.509 certificates.

scholarly journals Machine-learning and statistical methods for DDoS attack detection and defense system in software defined networks

2021 ◽  
Author(s):  
Merlin James Rukshan Dennis
Keyword(s):  
Machine Learning ◽  
Random Forest ◽  
Statistical Approach ◽  
Denial Of Service ◽  
Attack Detection ◽  
Learning Approach ◽  
Ddos Attack ◽  
Machine Learning Approach ◽  
Ddos Detection ◽  
Ddos Attack Detection

Distributed Denial of Service (DDoS) attack is a serious threat on today’s Internet. As the traffic across the Internet increases day by day, it is a challenge to distinguish between legitimate and malicious traffic. This thesis proposes two different approaches to build an efficient DDoS attack detection system in the Software Defined Networking environment. SDN is the latest networking approach which implements centralized controller, which is programmable. The central control and the programming capability of the controller are used in this thesis to implement the detection and mitigation mechanisms. In this thesis, two designed approaches, statistical approach and machine-learning approach, are proposed for the DDoS detection. The statistical approach implements entropy computation and flow statistics analysis. It uses the mean and standard deviation of destination entropy, new flow arrival rate, packets per flow and flow duration to compute various thresholds. These thresholds are then used to distinguish normal and attack traffic. The machine learning approach uses Random Forest classifier to detect the DDoS attack. We fine-tune the Random Forest algorithm to make it more accurate in DDoS detection. In particular, we introduce the weighted voting instead of the standard majority voting to improve the accuracy. Our result shows that the proposed machine-learning approach outperforms the statistical approach. Furthermore, it also outperforms other machine-learning approach found in the literature.

Sign in / Sign up

Export Citation Format

Share Document