A Lightweight Method for Botnet Detection in Internet of Things Environment

被引:1
作者
Ma, Wei [1 ]
Wang, Xing [2 ]
Dong, Jie [1 ]
Hu, Mingsheng [3 ]
Zhou, Qinglei [4 ]
机构
[1] North China Univ Water Resources & Elect Power, Sch Informat Engn, Zhengzhou 450046, Peoples R China
[2] Hangzhou Hikvis Digital Technol Co Ltd, Hangzhou 31051, Peoples R China
[3] Zhengzhou Normal Univ, Sch Informat Sci & Technol, Zhengzhou 450001, Peoples R China
[4] Zhengzhou Univ, Sch Informat Engn, Zhengzhou 450001, Peoples R China
来源
IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING | 2025年 / 12卷 / 04期
基金
中国国家自然科学基金;
关键词
Internet of Things; Botnet; Feature extraction; Denial-of-service attack; Servers; Training; Image edge detection; Convolutional neural networks; Telecommunication traffic; Performance evaluation; IoT security; botnet detection; feature selection; lightweight; DEEP LEARNING APPROACH; IOT; DDOS;
D O I
10.1109/TNSE.2025.3548411
中图分类号
T [工业技术];
学科分类号
08 ;
摘要
Botnets pose a significant threat to Internet of Things (IoT) environments due to the limited computational resources of IoT devices, making traditional detection methods difficult to implement. These constraints not only hinder effective real-time detection but also leave networks vulnerable to large-scale DDoS and botnet attacks, posing a critical threat to modern connected systems. Aiming to design a lightweight botnet detection method for IoT networks, we propose a novel cloud-edge-node framework that decouples the computationally intensive training phase from the real-time detection phase. In our framework, the node layer comprises resource-constrained IoT devices that collect raw network data, the edge layer hosts lightweight detection modules for rapid analysis, and the cloud layer performs heavy-duty model training and incremental updates. Additionally, we propose a two-step feature selection process, in which the first step uses the cumulative density function (CDF) to rank features based on their distribution characteristics, and the second step applies Gini importance to further refine the feature set. This process effectively reduces computational overhead while retaining highly discriminative features for lightweight botnet detection. Experimental results on a public IoT dataset reveal that our method reduces detection time by up to 52% and energy consumption by up to 71% while maintaining high detection accuracy. These significant improvements not only validate the efficiency of our approach but also underline its potential to transform IoT security by enabling scalable, low-cost, and real-time botnet detection in diverse practical scenarios.
引用
收藏
页码:2458 / 2472
页数:15
相关论文
共 60 条
[1]   Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection [J].
Abdulhammed, Razan ;
Musafer, Hassan ;
Alessa, Ali ;
Faezipour, Miad ;
Abuzneid, Abdelshakour .
ELECTRONICS, 2019, 8 (03)
[2]   A SEL for attack detection in IoT/IIoT networks [J].
Abdulkareem, Sulyman Age ;
Foh, Chuan Heng ;
Carrez, Francois ;
Moessner, Klaus .
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2024, 230
[3]   A new DDoS attacks intrusion detection model based on deep learning for cybersecurity [J].
Akgun, Devrim ;
Hizal, Selman ;
Cavusoglu, Unal .
COMPUTERS & SECURITY, 2022, 118
[4]  
Al-Amiedy T. A., 2024, P 4 INT C EM SMART T, P1, DOI [10.1109/eSmarTA62850.2024, DOI 10.1109/ESMARTA62850.2024]
[5]   Towards an Explainable Universal Feature Set for IoT Intrusion Detection [J].
Alani, Mohammed M. ;
Miri, Ali .
SENSORS, 2022, 22 (15)
[6]   IoT Intrusion Detection Using Machine Learning with a Novel High Performing Feature Selection Method [J].
Albulayhi, Khalid ;
Abu Al-Haija, Qasem ;
Alsuhibany, Suliman A. ;
Jillepalli, Ananth A. ;
Ashrafuzzaman, Mohammad ;
Sheldon, Frederick T. .
APPLIED SCIENCES-BASEL, 2022, 12 (10)
[7]  
[Anonymous], Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025
[8]  
Apthorpe N, 2017, Arxiv, DOI arXiv:1705.06805
[9]   AI techniques for IoT-based DDoS attack detection: Taxonomies, comprehensive review and research challenges [J].
Bala, Bindu ;
Behal, Sunny .
COMPUTER SCIENCE REVIEW, 2024, 52
[10]   Towards a machine learning-based framework for DDOS attack detection in software-defined IoT (SD-IoT) networks [J].
Bhayo, Jalal ;
Shah, Syed Attique ;
Hameed, Sufian ;
Ahmed, Awais ;
Nasir, Jamal ;
Draheim, Dirk .
ENGINEERING APPLICATIONS OF ARTIFICIAL INTELLIGENCE, 2023, 123