Botnet detection in the Internet of Things using deep learning approaches.
The recent growth of the Internet of Things (IoT) has resulted in a rise in IoT-based DDoS attacks. This paper presents a solution to the detection of botnet activity within consumer IoT devices and networks. A novel application of Deep Learning is used to develop a detection model based on a Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTM-RNN). Word Embedding is used for text recognition and conversion of attack packets into tokenised integer format. The developed BLSTM-RNN detection model is compared to an LSTM-RNN for detecting four attack vectors used by the Mirai botnet, and evaluated for accuracy and loss. The paper demonstrates that although the bidirectional approach adds overhead to each epoch and increases processing time, it proves to be a better progressive model over time. A labelled dataset was generated as part of this research, and is available upon request.
NIDS: An Efficient Network Intrusion Detection Model for Security of Big Data Using Different Machine Learning classifiers
Security of big data is one of the important challenges that needs to be addressed by designing an efficient network intrusion model for detecting unauthenticated intruders in the network. The model should be able to detect the validity of the packet. The detection of intrusions in networks has already been presented by multiple researchers using different algorithms, but it still needs to be addressed. A machine learning classifier algorithm is proposed for intrusion detection. The KDD intrusion dataset is used in training the machine to identify the different intrusions in the network traffic. The machine must be trained efficiently using the different classification algorithms, and security for the data needs to be attained by identifying the invalid network packets. The experimental results demonstrate that the random forest ensemble machine learning classifier has the highest accuracy of 0.2 % when compared with the existing research results in the identification of different intrusions towards the network packets.
Implementation of threats detection modeling with Deep learning in IoT botnet attack environment
In IoT forensics, security and privacy are the key concerns, as the data they hold is mostly personal information. How to work on the vulnerabilities available in the IoT environment and classify them to get the best results for performing the forensics is covered in the paper. In IoT forensics, a botnet dataset is analysed using deep learning classification to understand how deep learning can be used effectively for forensic analysis. The research work thus provides advanced digital forensics methods, i.e., collection of evidence and analysis of a dataset for IoT forensics implementation. Since a decade ago, we have been seeing a reality where hacking into a client's PC utilizing small bots or blocking a gathering of interconnected gadgets is no longer unthinkable. These little bots are called botnets (e.g., Mirai, Torii and so on), which are a gathering of deadly codes that can obstruct the whole security. As the Internet of Things (IoT) is developing quickly, the interconnected gadgets are helpless to penetrate as one influenced gadget can crumple the entire system. As the Internet of Things (IoT) is developing quickly, the interconnected gadgets are defenseless to break as one influenced gadget can hamper the entire system. The security danger stays as botnet assaults increment their essence to the interconnected gadgets. In this work, we are proposing a novel correlation between AI (SVM and KNN) and deep learning approaches (neural network) to discover which approach creates a better outcome while learning the assault designs. The research explores IoT forensics analysis. In IoT forensics, models were applied on a composite information storehouse which was made by consolidating the outcomes found from the examination we did on a Torii botnet test with the CTU-13 dataset of botnet assaults on the IoT environment.
Isolation of DDoS Attacks and Flash Events in Internet Traffic Using Deep Learning Techniques
The adoption of network function visualization (NFV) and software-defined radio (SDN) has created a tremendous increase in Internet traffic due to flexibility brought in the network layer. An increase in traffic flowing through the network poses a security threat that becomes tricky to detect and hence selects an appropriate mitigation strategy. Under such a scenario occurrence of the distributed denial of service (DDoS) and flash events (FEs) affect the target servers and interrupt services. Isolating the attacks is the first step before selecting an appropriate mitigation technique. However, detecting and isolating the DDoS attacks from FEs when happening simultaneously is a challenge that has attracted the attention of many researchers. This study proposes a deep learning framework to detect the FEs and DDoS attacks occurring simultaneously in the network and isolates one from the other. This step is crucial in designing appropriate mechanisms to enhance network resilience against such cyber threats. The experiments indicate that the proposed model possesses a high accuracy level in detecting and isolating DDoS attacks and FEs in networked systems
Mass Removal of Botnet Attacks Using Heterogeneous Ensemble Stacking PROSIMA classifier in IoT
In an Internet of Things (IoT) environment, any object equipped with a sensor node and other electronic devices can be involved in communication over a wireless network. Hence, this environment is highly vulnerable to Botnet attack. Botnet attack degrades the system performance in a manner that is difficult for the IoT network users to identify. The Botnet attack is incredibly difficult to observe and take away in restricted time. There are challenges in the detection of Botnet attack for a number of reasons, such as its unique structurally repetitive nature, its non-uniform and dissimilar activities, and its invisible nature followed by deleting the record of history. Even though existing mechanisms have taken action against the Botnet attack proactively, they have been observed failing to capture the frequent abnormal activities of Botnet attackers. When the number of devices in the IoT environment increases, the existing mechanisms miss a larger number of Botnets due to their functional complexity. So this type of attack is very complex in nature and difficult to identify. In order to detect Botnet attack, a Heterogeneous Ensemble Stacking PROSIMA classifier is proposed. This takes advantage of cluster sampling in place of conventional random sampling for higher accuracy of prediction. The proposed classifier is tested on an experimental test setup with 20 nodes. The proposed approach enables mass removal of Botnet attack detection with higher accuracy that helps in the IoT environment to maintain the reliability of the entire network.
Denial of Service Detection for IoT Networks Using Machine Learning
The Internet of Things (IoT) is considered one of the trending technologies today. IoT affects a variety of industries, including logistics tracking, healthcare, automotive and smart cities. A rising number of cyberattacks and breaches are rapidly targeting networks equipped with IoT devices. Due to the resource-constrained nature of the IoT devices, one of the Internet security issues impacting IoT devices is the Denial-of-Service (DoS). This encourages the development of new techniques for automatically detecting DoS in IoT networks. In this paper, we test the performance of the following Machine Learning (ML) algorithms in detecting IoT DoS attacks using packet analysis at regular time intervals: Neural Networks (NN), Gaussian Naive Bayes (NB), Decision Trees (DT), and Support Vector Machine (SVM). We were able to achieve 98% accuracy in intrusion detection for IoT devices. We have created a novel way of detecting the attacks using only six attributes, which significantly reduces the time to train the ML Models by 58% on average. This research is based on data collected from actual IoT attacks on IoT networks. This paper shows that using the DT or NN, we can detect attacks on IoT devices. Furthermore, it shows that NB and SVM are poor in detecting IoT attacks. In addition, it proves that middle boxes embedded with ML Models can be utilized to detect attacks in places such as houses, manufactures, and plants.
Malware Detection in Internet of Things (IoT) Devices Using Deep Learning
Internet of Things (IoT) device usage is increasing exponentially with the spread of the internet. With the increasing capacity of data on IoT devices, these devices are becoming vulnerable to malware attacks; therefore, malware detection becomes an important issue in IoT devices. An effective, reliable, and time-efficient mechanism is required for the identification of sophisticated malware. Researchers have proposed multiple methods for malware detection in recent years; however, accurate detection remains a challenge. We propose a deep learning-based ensemble classification method for the detection of malware in IoT devices. It uses a three-step approach: in the first step, data is preprocessed using scaling, normalization, and de-noising, whereas in the second step, features are selected and one-hot encoding is applied, followed by the ensemble classifier based on CNN and LSTM outputs for detection of malware. We have compared results with the state-of-the-art methods, and our proposed method outperforms the existing methods on standard datasets with an average accuracy of 99.5%.