Towards an Efficient Approach Using Graph-Based Evolutionary Algorithm for IoT Botnet Detection

Cited by: 0
Authors
Ngo Q.-D. [1]
Nguyen H.-T. [2]
Affiliations
[1] Posts and Telecommunications Institute of Technology, Hanoi
[2] People’s Security Academy, Hanoi
Source
Informatica (Slovenia) | 2023 / Vol. 47 / No. 06
Keywords
evolutionary algorithm; IoT botnet; IoT security; PSI graph;
DOI
10.31449/inf.v47i6.3714
Abstract
In recent years, a large number of Internet of Things devices have come into everyday use, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence, detection of IoT botnets is one of the most important challenges for IoT devices. This paper proposes an IoT botnet detection approach based on PSI graph analysis combined with an evolutionary algorithm-based technique. It applies the bacterial evolution algorithm (BEA) in the training process on multi-architecture IoT botnet PSI graph data to detect IoT botnets. The PSI graphs are extracted from executable files and transformed into vectors that are fed into classical machine learning classifiers. The results of the classifiers are then combined using a soft voting method with BEA. The proposed method achieved good experimental results (i.e., accuracy of 95.30%, F1 of 96.15%). The approach also achieves a relatively low false-positive rate of 4.59%. © 2023 Slovene Society Informatika. All rights reserved.
Pages: 97 / 104
Page count: 7