Network Traffic Visualization Coupled With Convolutional Neural Networks for Enhanced IoT Botnet Detection

Systemic vulnerabilities in the Internet of Things (IoT) pose a challenge for establishing robust cybersecurity strategies. These challenges leave IoT devices susceptible to infection, often falling victim to far-reaching Botnets. To counter these risks, Intrusion Detection Systems (IDS) are designed to detect attacks within the network, mitigating the dangers presented by architecturally vulnerable IoT devices. However, IDS solutions are designed to operate at the center of the network, requiring network traffic to be forwarded inwards and consequently hampers reaction times while straining network resources. This paper introduces an IoT Botnet detection pipeline composed of a novel network traffic visualization methodology and a Convolutional Neural Network (CNN). The pipeline operates on an embedded system at the edge of the network, transforming network traffic into a visual format for subsequent cyberattack classification by the CNN. By leveraging the advantages of CNNs in efficiently classifying images, the pipeline achieves high accuracy in detecting Botnet attacks while maintaining an efficient design. During testing, we applied the pipeline to the N-BaIoT and IoT-23 datasets and observed high cyberattack detection rates of 100% and 99.78%, respectively. Furthermore, we observed a 2.4 times greater throughput (packets/second) and a 21.4% reduction in model size compared to a Deep Neural Network of similar accuracy.