Hybrid Deep Learning for Botnet Attack Detection in the Internet-of-Things Networks

Deep learning (DL) is an efficient method for botnet attack detection. However, the volume of network traffic data and memory space required is usually large. It is, therefore, almost impossible to implement the DL method in memory-constrained Internet-of-Things (IoT) devices. In this article, we re...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:IEEE internet of things journal Ročník 8; číslo 6; s. 4944 - 4956
Hlavní autoři: Popoola, Segun I., Adebisi, Bamidele, Hammoudeh, Mohammad, Gui, Guan, Gacanin, Haris
Médium: Journal Article
Jazyk:angličtina
Vydáno: Piscataway IEEE 15.03.2021
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Témata:
Autoencoder
Botnet
botnet detection
Communications traffic
Data storage
Decision trees
Deep learning
Dimensional changes
Dimensionality reduction
Feature extraction
Internet of Things
Internet of Things (IoT)
long short-term memory (LSTM)
Machine learning
Malware
Memory devices
Protocols
Reduction
Support vector machines
ISSN:2327-4662, 2327-4662
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Deep learning (DL) is an efficient method for botnet attack detection. However, the volume of network traffic data and memory space required is usually large. It is, therefore, almost impossible to implement the DL method in memory-constrained Internet-of-Things (IoT) devices. In this article, we reduce the feature dimensionality of large-scale IoT network traffic data using the encoding phase of long short-term memory autoencoder (LAE). In order to classify network traffic samples correctly, we analyze the long-term inter-related changes in the low-dimensional feature set produced by LAE using deep bidirectional long short-term memory (BLSTM). Extensive experiments are performed with the BoT-IoT data set to validate the effectiveness of the proposed hybrid DL method. Results show that LAE significantly reduced the memory space required for large-scale network traffic data storage by 91.89%, and it outperformed state-of-the-art feature dimensionality reduction methods by 18.92-27.03%. Despite the significant reduction in feature size, the deep BLSTM model demonstrates robustness against model underfitting and overfitting. It also achieves good generalisation ability in binary and multiclass classification scenarios.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2020.3034156