<p>The Internet of Things (IoT) infrastructure enables widespread connectivity but also adds significant security risks due to the vulnerabilities and different types of attack on IoT devices. Botnet attacks techniques like Distributed Denial of Service (DDoS) and data theft, potentially trigger national emergencies. To mitigate this, ML-BoTDAM (machine learning-driven botnet detection and alerting mechanism), a novel machine learning-driven framework for real-time IoT botnet detection and alerting, has been proposed in this paper. Using machine learning (ML) algorithms, ML-BoTDAM identifies and notifies stakeholders of botnet activities. The proposed framework is trained and evaluated on the contemporary CICIoT2023 dataset, which captures comprehensive IoT attack scenarios covering 105 various products with 33 distinct attack variations primarily categorised into the seven groups of DoS, DDoS, Recon, Web-based, Brute Force, Spoofing, and Mirai. The proposed framework achieved mean values up to 97.52% accuracy, 96.28% precision, 98.89% recall and 97.56% F1-score during training. In a real-world testing scenario, during an ideal situation, the system achieved 98.94% accuracy and 93.57% of prediction confidence score (PCS) in 3.21&#xa0;s. Under the attack scenario with only malicious data, it achieved 96.73% accuracy and 88.81% of PCS within 0.0603&#xa0;s. Interestingly, when both classes of data were there in the attack scenario, it achieved 97.71% accuracy, 88.76% PCS and 1.00 ROC-AUC curve in 2.5249&#xa0;s. This offered a cost-effective, scalable framework that can help in empowering government, organisations, and smaller entities like educational institutions to mitigate botnet threats. By providing high accuracy and real-time alerts, ML-BoTDAM can be embedded to enhance the security in various applications like smart cities, industrial IoT (IIoT), banking and financial services, defence and critical national infrastructure, healthcare, transportation, energy, education, and cybersecurity.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

ML-BoTDAM: machine learning driven botnet detection and alerting mechanism

  • Happy,
  • Rita Chhikara,
  • Neeti Kashyap

摘要

The Internet of Things (IoT) infrastructure enables widespread connectivity but also adds significant security risks due to the vulnerabilities and different types of attack on IoT devices. Botnet attacks techniques like Distributed Denial of Service (DDoS) and data theft, potentially trigger national emergencies. To mitigate this, ML-BoTDAM (machine learning-driven botnet detection and alerting mechanism), a novel machine learning-driven framework for real-time IoT botnet detection and alerting, has been proposed in this paper. Using machine learning (ML) algorithms, ML-BoTDAM identifies and notifies stakeholders of botnet activities. The proposed framework is trained and evaluated on the contemporary CICIoT2023 dataset, which captures comprehensive IoT attack scenarios covering 105 various products with 33 distinct attack variations primarily categorised into the seven groups of DoS, DDoS, Recon, Web-based, Brute Force, Spoofing, and Mirai. The proposed framework achieved mean values up to 97.52% accuracy, 96.28% precision, 98.89% recall and 97.56% F1-score during training. In a real-world testing scenario, during an ideal situation, the system achieved 98.94% accuracy and 93.57% of prediction confidence score (PCS) in 3.21 s. Under the attack scenario with only malicious data, it achieved 96.73% accuracy and 88.81% of PCS within 0.0603 s. Interestingly, when both classes of data were there in the attack scenario, it achieved 97.71% accuracy, 88.76% PCS and 1.00 ROC-AUC curve in 2.5249 s. This offered a cost-effective, scalable framework that can help in empowering government, organisations, and smaller entities like educational institutions to mitigate botnet threats. By providing high accuracy and real-time alerts, ML-BoTDAM can be embedded to enhance the security in various applications like smart cities, industrial IoT (IIoT), banking and financial services, defence and critical national infrastructure, healthcare, transportation, energy, education, and cybersecurity.