{"title":"A novel botnet attack detection for IoT networks based on communication graphs","authors":"David Concejal Muñoz, Antonio del-Corte Valiente","doi":"10.1186/s42400-023-00169-6","DOIUrl":null,"url":null,"abstract":"<h3 data-test=\"abstract-sub-heading\">Abstract</h3><p>Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training.\n</p><h3 data-test=\"abstract-sub-heading\">Graphical abstract</h3>\n","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.9000,"publicationDate":"2023-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s42400-023-00169-6","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
