Attention-Based BI-LSTM Model to Detect Botnet Attacks over Internet of Things (IoT) Environments

International Journal of Electronics and Communication Engineering
© 2024 by SSRG - IJECE Journal
Volume 11 Issue 11
Year of Publication : 2024
Authors : Swapna Thota, D. Menaka
How to Cite?

Swapna Thota, D. Menaka, "Attention-Based BI-LSTM Model to Detect Botnet Attacks over Internet of Things (IoT) Environments," SSRG International Journal of Electronics and Communication Engineering, vol. 11, no. 11, pp. 118-132, 2024. Crossref, https://doi.org/10.14445/23488549/IJECE-V11I11P111

Abstract:

Detecting an IoT-botnet attack involves monitoring network traffic, identifying unusual behaviour, and implementing security measures to prevent and mitigate the impact of the attack. These days, hackers use botnets, networks of computational devices, to illegally access distributed resources and launch cyber-attacks against the Internet of Things (IoT). A variety of Machine Learning (ML) and Deep Learning (DL) techniques have recently been developed to identify botnet attacks in IoT networks. The proposed paradigm has six main stages, including Data Augmentation, Feature Extraction, Feature Selection, and Botnet Attack Mitigation. First, the raw data that has been gathered is preprocessed by data cleaning and data normalization (min-max normalization). The Synthetic Minority Oversampling Technique (SMOTE) is then used to augment the pre-processed data and address the class imbalance problem. Next, features are extracted from the augmented data: Measures of Dispersion (Skewness, Variance, IQR), Central Tendency (Generalized mean, Winsorized mean, Median, standard deviation, and variance), and Information Gain. The best features are then selected from the extracted features. CUGOA, the Clan Updated Grasshopper Optimization Algorithm, is a hybrid optimization model: the Grasshopper Optimization Algorithm (GOA) and Elephant Herding Optimization (EHO) are combined to create the proposed CUGOA model. A new ensembled deep-learning model, which comprises a DCNN, an Attention-based Bi-LSTM, and an optimized RNN, then detects botnet attacks. The chosen optimal features are used to fine-tune the DCNN and the Attention-based Bi-LSTM, and the optimized RNN model receives the outputs of the DCNN and the Attention-based Bi-LSTM as its input. The final detection outcome, the presence or absence of a botnet attack, is obtained from the optimized RNN model, whose bias function is fine-tuned using the new hybrid optimization model. Once an attacker is found to be present in the network, it is mitigated using the new Botnet Traffic Filter (BTF). Thus, the network becomes highly reliable. The proposed model outperforms existing models in accuracy, sensitivity, specificity, and precision.
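The preprocessing and augmentation stages described in the abstract (min-max normalization followed by SMOTE) can be sketched as follows. This is an added example, not the authors' code: the function names, the three flow features and the sample rows are constructed for illustration, and SMOTE is written out in plain Python rather than taken from a library.

```python
import math
import random

def min_max_normalize(rows):
    """Scale each column to [0, 1]; a constant column maps to 0.0."""
    cols = list(zip(*rows))
    lo = [min(c) for c in cols]
    hi = [max(c) for c in cols]
    return [[(v - l) / (h - l) if h > l else 0.0
             for v, l, h in zip(row, lo, hi)] for row in rows]

def smote(minority, n_new, k=3, seed=0):
    """Create n_new synthetic rows by interpolating a randomly picked
    minority row toward one of its k nearest minority neighbours."""
    if len(minority) < 2:
        raise ValueError("SMOTE needs at least two minority samples")
    rng = random.Random(seed)
    k = min(k, len(minority) - 1)
    synthetic = []
    for _ in range(n_new):
        base = rng.choice(minority)
        others = [m for m in minority if m is not base]
        neighbours = sorted(others, key=lambda m: math.dist(base, m))[:k]
        nb = rng.choice(neighbours)
        gap = rng.random()  # position on the segment between base and neighbour
        synthetic.append([b + gap * (n - b) for b, n in zip(base, nb)])
    return synthetic

def balance(rows, labels, minority_label, seed=0):
    """Normalize all rows, then oversample the minority class to parity."""
    norm = min_max_normalize(rows)
    minority = [r for r, y in zip(norm, labels) if y == minority_label]
    deficit = (len(norm) - len(minority)) - len(minority)
    extra = smote(minority, max(deficit, 0), seed=seed)
    return norm + extra, labels + [minority_label] * len(extra)

# Constructed sample flows: [packets/s, mean packet size, distinct dst ports]
FLOWS = [[12, 540, 2], [9, 610, 1], [15, 498, 3], [11, 575, 2],
         [14, 520, 2], [10, 600, 1], [900, 64, 40], [1200, 60, 55],
         [1050, 62, 48]]
LABELS = ["benign"] * 6 + ["botnet"] * 3

if __name__ == "__main__":
    X, y = balance(FLOWS, LABELS, "botnet")
    print(len(X), y.count("benign"), y.count("botnet"))
```

When a detector is evaluated, the min-max bounds should be fitted and SMOTE run on the training split only, so that synthetic rows and test-set value ranges do not leak into the reported accuracy.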

Keywords:

Botnet, Internet of Things, Deep Learning, Cyber security, Intrusion detection.
