scholarly journals Classification of botnet attacks in IoT smart factory using honeypot combined with machine learning

2021 ◽  
Vol 7 ◽  
pp. e350
Author(s):  
Seungjin Lee ◽  
Azween Abdullah ◽  
Nz Jhanjhi ◽  
Sh Kok
Keyword(s):  
Machine Learning ◽  
Manufacturing Industry ◽  
False Positive Rate ◽  
Denial Of Service ◽  
Smart Factory ◽  
Economic Losses ◽  
Fast Time ◽  
Management Service ◽  
Learning Program ◽  
Botnet Detection

The Industrial Revolution 4.0 began with the breakthrough technological advances in 5G, and artificial intelligence has innovatively transformed the manufacturing industry from digitalization and automation to the new era of smart factories. A smart factory can do not only more than just produce products in a digital and automatic system, but also is able to optimize the production on its own by integrating production with process management, service distribution, and customized product requirement. A big challenge to the smart factory is to ensure that its network security can counteract with any cyber attacks such as botnet and Distributed Denial of Service, They are recognized to cause serious interruption in production, and consequently economic losses for company producers. Among many security solutions, botnet detection using honeypot has shown to be effective in some investigation studies. It is a method of detecting botnet attackers by intentionally creating a resource within the network with the purpose of closely monitoring and acquiring botnet attacking behaviors. For the first time, a proposed model of botnet detection was experimented by combing honeypot with machine learning to classify botnet attacks. A mimicking smart factory environment was created on IoT device hardware configuration. Experimental results showed that the model performance gave a high accuracy of above 96%, with very fast time taken of just 0.1 ms and false positive rate at 0.24127 using random forest algorithm with Weka machine learning program. Hence, the honeypot combined machine learning model in this study was proved to be highly feasible to apply in the security network of smart factory to detect botnet attacks.

scholarly journals Honeypot Coupled Machine Learning Model for Botnet Detection and Classification in IoT Smart Factory – An Investigation

2021 ◽  
Vol 335 ◽  
pp. 04003
Author(s):  
Seungjin Lee ◽  
Azween Abdullah ◽  
N.Z. Jhanjhi ◽  
S.H. Kok
Keyword(s):  
Machine Learning ◽  
Process Management ◽  
Denial Of Service ◽  
The United States ◽  
Smart Factory ◽  
High Detection Rate ◽  
Botnet Detection ◽  
Detection Model ◽  
Log File ◽  
Smart Factories

In the United States, the manufacturing ecosystem is rebuilt and developed through innovation with the promotion of AMP 2.0. For this reason, the industry has spurred the development of 5G, Artificial Intelligence (AI), and Machine Learning (ML) technologies which is being applied on the smart factories to integrate production process management, product service and distribution, collaboration, and customized production requirements. These smart factories need to effectively solve security problems with a high detection rate for a smooth operation. However, number of security related cases occurring in the smart factories has been increasing due to botnet Distributed Denial of Service (DDoS) attacks that threaten the network security operated on the Internet of Things (IoT) platform. Against botnet attacks, security network of the smart factory must improve its defensive capability. Among many security solutions, botnet detection using honeypot has been shown to be effective in early studies. In order to solve the problem of closely monitoring and acquiring botnet attack behaviour, honeypot is a method to detect botnet attackers by intentionally creating resources within the network. As a result, the traced content is recorded in a log file. In addition, these log files are classified quickly with high accuracy with a support of machine learning operation. Hence, productivity is increase, while stability of the smart factory is reinforced. In this study, a botnet detection model was proposed by combining honeypot with machine learning, specifically designed for smart factories. The investigation was carried out in a hardware configuration virtually mimicking a smart factory environment.

scholarly journals A STUDY ON ADVANCED BOTNETS DETECTION IN VARIOUS COMPUTING SYSTEMS USING MACHINE LEARNING TECHNIQUES

2020 ◽  
pp. 167-173
Author(s):  
K. Vamshi Krishna
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Emerging Technologies ◽  
Denial Of Service ◽  
Machine Learning Techniques ◽  
Botnet Detection ◽  
Detection Techniques ◽  
Learning Techniques ◽  
Network Equipment ◽  
Internet Network

Due to the rapid growth and use of Emerging technologies such as Artificial Intelligence, Machine Learning and Internet of Things, Information industry became so popular, meanwhile these Emerging technologies have brought lot of impact on human lives and internet network equipment has increased. This increment of internet network equipment may bring some serious security issues. A botnet is a number of Internet-connected devices, each of which is running one or more bots.The main aim of botnet is to infect connected devices and use their resource for automated tasks and generally they remain hidden. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. In this paper we are going to address the advanced Botnet detection techniques using Machine Learning. Traditional botnet detection uses manual analysis and blacklist, and the efficiency is very low. Applying machine learning to batch automatic detection of botnets can greatly improve the efficiency of detection. Using machine learning to detect botnets, we need to collect network traffic and extract traffic characteristics, and then use X-Means, SVM algorithm to detect botnets. According to the difference of detection features, botnet detection based on machine learning technology is divided into network traffic analysis and correlation analysis-based detection technology. KEYWORDS: Botnet, Study, Security, Internet-network, Machine Learning, Techniques.

scholarly journals Hybrid rule-based botnet detection approach using machine learning for analysing DNS traffic

2021 ◽  
Vol 7 ◽  
pp. e640
Author(s):  
Saif Al-mashhadi ◽  
Mohammed Anbar ◽  
Iznan Hasbullah ◽  
Taief Alaa Alamiedy
Keyword(s):  
Machine Learning ◽  
False Positive ◽  
False Positive Rate ◽  
Communication Protocols ◽  
Cyber Attacks ◽  
Machine Learning Algorithms ◽  
Detection Accuracy ◽  
Botnet Detection ◽  
Internet Service ◽  
Positive Rate

Botnets can simultaneously control millions of Internet-connected devices to launch damaging cyber-attacks that pose significant threats to the Internet. In a botnet, bot-masters communicate with the command and control server using various communication protocols. One of the widely used communication protocols is the ‘Domain Name System’ (DNS) service, an essential Internet service. Bot-masters utilise Domain Generation Algorithms (DGA) and fast-flux techniques to avoid static blacklists and reverse engineering while remaining flexible. However, botnet’s DNS communication generates anomalous DNS traffic throughout the botnet life cycle, and such anomaly is considered an indicator of DNS-based botnets presence in the network. Despite several approaches proposed to detect botnets based on DNS traffic analysis; however, the problem still exists and is challenging due to several reasons, such as not considering significant features and rules that contribute to the detection of DNS-based botnet. Therefore, this paper examines the abnormality of DNS traffic during the botnet lifecycle to extract significant enriched features. These features are further analysed using two machine learning algorithms. The union of the output of two algorithms proposes a novel hybrid rule detection model approach. Two benchmark datasets are used to evaluate the performance of the proposed approach in terms of detection accuracy and false-positive rate. The experimental results show that the proposed approach has a 99.96% accuracy and a 1.6% false-positive rate, outperforming other state-of-the-art DNS-based botnet detection approaches.

scholarly journals Towards a Universal Features Set for IoT Botnet Attacks Detection

2020 ◽  
Author(s):  
Faisal Hussain ◽  
Syed Ghazanfar Abbas ◽  
Ubaid U. Fayyaz ◽  
Ghalib A. Shah ◽  
Abdullah Toqeer ◽  
...  
Keyword(s):  
Machine Learning ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Learning Models ◽  
Botnet Detection ◽  
Detection Techniques ◽  
Machine Learning Model ◽  
Attack Patterns ◽  
Iot Devices ◽  
Machine Learning Models

Abstract The security pitfalls of IoT devices make it easy for the attackers to exploit the IoT devices and make them a part of a botnet. Once hundreds of thousands of IoT devices are compromised and become the part of a botnet, the attackers use this botnet to launch the large and complex distributed denial of service (DDoS) attacks which take down the target websites or services and make them unable to respond the legitimate users. So far, many botnet detection techniques have been proposed but their performance is limited to a specific dataset on which they are trained. This is because the features used to train a machine learning model on one botnet dataset, do not perform well on other datasets due to the diversity of attack patterns. Therefore, in this paper, we propose a universal features set to better detect the botnet attacks regardless of the underlying dataset. The proposed features set manifest preeminent results for detecting the botnet attacks when tested the trained machine learning models over three different botnet attack datasets.

scholarly journals An Effective Conversation-Based Botnet Detection Method

2017 ◽  
Vol 2017 ◽  
pp. 1-9 ◽  
Author(s):  
Ruidong Chen ◽  
Weina Niu ◽  
Xiaosong Zhang ◽  
Zhongliu Zhuo ◽  
Fengmao Lv
Keyword(s):  
High Speed ◽  
Detection System ◽  
False Positive Rate ◽  
Denial Of Service ◽  
Supervised Machine Learning ◽  
Detection Methods ◽  
Network Environment ◽  
Botnet Detection ◽  
Processing Technologies ◽  
High Speed Network

A botnet is one of the most grievous threats to network security since it can evolve into many attacks, such as Denial-of-Service (DoS), spam, and phishing. However, current detection methods are inefficient to identify unknown botnet. The high-speed network environment makes botnet detection more difficult. To solve these problems, we improve the progress of packet processing technologies such as New Application Programming Interface (NAPI) and zero copy and propose an efficient quasi-real-time intrusion detection system. Our work detects botnet using supervised machine learning approach under the high-speed network environment. Our contributions are summarized as follows: (1) Build a detection framework using PF_RING for sniffing and processing network traces to extract flow features dynamically. (2) Use random forest model to extract promising conversation features. (3) Analyze the performance of different classification algorithms. The proposed method is demonstrated by well-known CTU13 dataset and nonmalicious applications. The experimental results show our conversation-based detection approach can identify botnet with higher accuracy and lower false positive rate than flow-based approach.

scholarly journals Feature-Selection and Mutual-Clustering Approaches to Improve DoS Detection and Maintain WSNs’ Lifetime

Sensors ◽  
2021 ◽  
Vol 21 (14) ◽  
pp. 4821
Author(s):  
Rami Ahmad ◽  
Raniyah Wazirali ◽  
Qusay Bsoul ◽  
Tarik Abu-Ain ◽  
Waleed Abu-Ain
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Open Field ◽  
Network Lifetime ◽  
Detection Efficiency ◽  
Denial Of Service ◽  
Harmony Search ◽  
Machine Learning Algorithms ◽  
Transport Layer ◽  
Feature Selection Techniques

Wireless Sensor Networks (WSNs) continue to face two major challenges: energy and security. As a consequence, one of the WSN-related security tasks is to protect them from Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Machine learning-based systems are the only viable option for these types of attacks, as traditional packet deep scan systems depend on open field inspection in transport layer security packets and the open field encryption trend. Moreover, network data traffic will become more complex due to increases in the amount of data transmitted between WSN nodes as a result of increasing usage in the future. Therefore, there is a need to use feature selection techniques with machine learning in order to determine which data in the DoS detection process are most important. This paper examined techniques for improving DoS anomalies detection along with power reservation in WSNs to balance them. A new clustering technique was introduced, called the CH_Rotations algorithm, to improve anomaly detection efficiency over a WSN’s lifetime. Furthermore, the use of feature selection techniques with machine learning algorithms in examining WSN node traffic and the effect of these techniques on the lifetime of WSNs was evaluated. The evaluation results showed that the Water Cycle (WC) feature selection displayed the best average performance accuracy of 2%, 5%, 3%, and 3% greater than Particle Swarm Optimization (PSO), Simulated Annealing (SA), Harmony Search (HS), and Genetic Algorithm (GA), respectively. Moreover, the WC with Decision Tree (DT) classifier showed 100% accuracy with only one feature. In addition, the CH_Rotations algorithm improved network lifetime by 30% compared to the standard LEACH protocol. Network lifetime using the WC + DT technique was reduced by 5% compared to other WC + DT-free scenarios.

Android botnet detection using machine learning models based on a comprehensive static analysis approach

2021 ◽  
Vol 58 ◽  
pp. 102735
Author(s):  
Wadi’ Hijawi ◽  
Ja’far Alqatawna ◽  
Ala’ M. Al-Zoubi ◽  
Mohammad A. Hassonah ◽  
Hossam Faris
Keyword(s):  
Machine Learning ◽  
Static Analysis ◽  
Analysis Approach ◽  
Learning Models ◽  
Botnet Detection ◽  
Machine Learning Models

scholarly journals AI-Driven Framework for Recognition of Guava Plant Diseases through Machine Learning from DSLR Camera Sensor Based High Resolution Imagery

Sensors ◽  
2021 ◽  
Vol 21 (11) ◽  
pp. 3830
Author(s):  
Ahmad Almadhor ◽  
Hafiz Tayyab Rauf ◽  
Muhammad Ikram Ullah Lali ◽  
Robertas Damaševičius ◽  
Bader Alouffi ◽  
...  
Keyword(s):  
Machine Learning ◽  
High Resolution ◽  
Color Difference ◽  
Plant Diseases ◽  
Economic Losses ◽  
Production Loss ◽  
Postharvest Diseases ◽  
Tropical Regions ◽  
Guava Fruit ◽  
Tree Classifier

Plant diseases can cause a considerable reduction in the quality and number of agricultural products. Guava, well known to be the tropics’ apple, is one significant fruit cultivated in tropical regions. It is attacked by 177 pathogens, including 167 fungal and others such as bacterial, algal, and nematodes. In addition, postharvest diseases may cause crucial production loss. Due to minor variations in various guava disease symptoms, an expert opinion is required for disease analysis. Improper diagnosis may cause economic losses to farmers’ improper use of pesticides. Automatic detection of diseases in plants once they emerge on the plants’ leaves and fruit is required to maintain high crop fields. In this paper, an artificial intelligence (AI) driven framework is presented to detect and classify the most common guava plant diseases. The proposed framework employs the ΔE color difference image segmentation to segregate the areas infected by the disease. Furthermore, color (RGB, HSV) histogram and textural (LBP) features are applied to extract rich, informative feature vectors. The combination of color and textural features are used to identify and attain similar outcomes compared to individual channels, while disease recognition is performed by employing advanced machine-learning classifiers (Fine KNN, Complex Tree, Boosted Tree, Bagged Tree, Cubic SVM). The proposed framework is evaluated on a high-resolution (18 MP) image dataset of guava leaves and fruit. The best recognition results were obtained by Bagged Tree classifier on a set of RGB, HSV, and LBP features (99% accuracy in recognizing four guava fruit diseases (Canker, Mummification, Dot, and Rust) against healthy fruit). The proposed framework may help the farmers to avoid possible production loss by taking early precautions.

Sign in / Sign up

Export Citation Format

Share Document