A novel botnet attack detection for IoT networks based on communication graphs
Abstract Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
SpringerOpen
2023-12-01
|
| Series: | Cybersecurity |
| Subjects: | |
| Online Access: | https://doi.org/10.1186/s42400-023-00169-6 |
| _version_ | 1797414773946580992 |
|---|---|
| author | David Concejal Muñoz Antonio del-Corte Valiente |
| author_facet | David Concejal Muñoz Antonio del-Corte Valiente |
| author_sort | David Concejal Muñoz |
| collection | DOAJ |
| description | Abstract Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training. Graphical abstract |
| first_indexed | 2024-03-09T05:38:42Z |
| format | Article |
| id | doaj.art-12c195dc182f412a92c79c62f4c13c07 |
| institution | Directory Open Access Journal |
| issn | 2523-3246 |
| language | English |
| last_indexed | 2024-03-09T05:38:42Z |
| publishDate | 2023-12-01 |
| publisher | SpringerOpen |
| record_format | Article |
| series | Cybersecurity |
| spelling | doaj.art-12c195dc182f412a92c79c62f4c13c072023-12-03T12:26:45ZengSpringerOpenCybersecurity2523-32462023-12-016111710.1186/s42400-023-00169-6A novel botnet attack detection for IoT networks based on communication graphsDavid Concejal Muñoz0Antonio del-Corte Valiente1Inetum España S.A.Department of Computer Engineering, Polytechnic School, University of AlcalaAbstract Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training. Graphical abstracthttps://doi.org/10.1186/s42400-023-00169-6AutoencodersCommunication graphsCyberattacksInternet of Things |
| spellingShingle | David Concejal Muñoz Antonio del-Corte Valiente A novel botnet attack detection for IoT networks based on communication graphs Cybersecurity Autoencoders Communication graphs Cyberattacks Internet of Things |
| title | A novel botnet attack detection for IoT networks based on communication graphs |
| title_full | A novel botnet attack detection for IoT networks based on communication graphs |
| title_fullStr | A novel botnet attack detection for IoT networks based on communication graphs |
| title_full_unstemmed | A novel botnet attack detection for IoT networks based on communication graphs |
| title_short | A novel botnet attack detection for IoT networks based on communication graphs |
| title_sort | novel botnet attack detection for iot networks based on communication graphs |
| topic | Autoencoders Communication graphs Cyberattacks Internet of Things |
| url | https://doi.org/10.1186/s42400-023-00169-6 |
| work_keys_str_mv | AT davidconcejalmunoz anovelbotnetattackdetectionforiotnetworksbasedoncommunicationgraphs AT antoniodelcortevaliente anovelbotnetattackdetectionforiotnetworksbasedoncommunicationgraphs AT davidconcejalmunoz novelbotnetattackdetectionforiotnetworksbasedoncommunicationgraphs AT antoniodelcortevaliente novelbotnetattackdetectionforiotnetworksbasedoncommunicationgraphs |