SkipGateNet: A Lightweight CNN-LSTM Hybrid Model With Learnable Skip Connections for Efficient Botnet Attack Detection in IoT

被引:8
作者
Alshehri, Mohammed S. [1 ]
Ahmad, Jawad [2 ]
Almakdi, Sultan [1 ]
Qathrady, Mimonah Al [3 ]
Ghadi, Yazeed Yasin [4 ]
Buchanan, William J. [2 ]
机构
[1] Najran Univ, Coll Comp Sci & Informat Syst, Dept Comp Sci, Najran 61441, Saudi Arabia
[2] Edinburgh Napier Univ, Sch Comp Engn & Built Environm, Edinburgh EH10 5DT, Scotland
[3] Najran Univ, Coll Comp Sci & Informat Syst, Dept Informat Syst, Najran 61441, Saudi Arabia
[4] Al Ain Univ, Dept Comp Sci, Abu Dhabi, U Arab Emirates
关键词
Botnets; botnet attacks; bashlite; intrusion detection; Mirai; INTRUSION DETECTION; SECURITY; INTERNET;
D O I
10.1109/ACCESS.2024.3371992
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The rise of Internet of Things (IoT) has led to increased security risks, particularly from botnet attacks that exploit IoT device vulnerabilities. This situation necessitates effective Intrusion Detection Systems (IDS), that are accurate, lightweight, and fast (having less inference time), designed particularly to detect botnet attacks in resource constrained IoT devices. This paper proposes SkipGateNet, a novel deep learning model designed for detecting Mirai and Bashlite botnet attacks in resource constrained IoT and fog computing environments. SkipGateNet is a lightweight, fast model combining 1D-Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) layers. The novelty of this model lies in the integration of 'Learnable Skip Connections'. These connections feature gating mechanisms that enhance detection by focusing on relevant features and ignoring irrelevant ones. They add adaptability to the architecture, performing feature selection and propagating only essential features to deeper layers. Tested on the N-BaIoT dataset, SkipGateNet efficiently detects ten types of botnet attacks, with a remarkable test accuracy of 99.91%. It is also compact (2596.87 KB) and demonstrates a quick inference time of 8.0 milliseconds, suitable for real-time implementation in resource-limited settings. While evaluating its performance, parameters like precision, recall, accuracy, and F1 score were considered, along with statistical reliability measures like Cohen's Kappa Coefficient and Matthews Correlation Coefficient. These highlight its reliability and effectiveness in IoT security challenges. The paper also compares SkipGateNet to existing models and four other deep learning architectures, including two sequential CNN architectures, a simple CNN+LSTM architecture, and a CNN+LSTM with standard skip connections. SkipGateNet surpasses all in accuracy and inference time, demonstrating its superiority in addressing IoT security issues.
引用
收藏
页码:35521 / 35538
页数:18
相关论文
共 41 条
[1]   Deep learning-based classification model for botnet attack detection [J].
Ahmed, Abdulghani Ali ;
Jabbar, Waheb A. ;
Sadiq, Ali Safaa ;
Patel, Hiran .
JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2020, 13 (7) :3457-3466
[2]   Botnet Attack Detection by Using CNN-LSTM Model for Internet of Things Applications [J].
Alkahtani, Hasan ;
Aldhyani, Theyazn H. H. .
SECURITY AND COMMUNICATION NETWORKS, 2021, 2021
[3]   A Machine Learning Based Intrusion Detection System for Mobile Internet of Things [J].
Amouri, Amar ;
Alaparthy, Vishwa T. ;
Morgera, Salvatore D. .
SENSORS, 2020, 20 (02)
[4]  
Antonakakis M, 2017, PROCEEDINGS OF THE 26TH USENIX SECURITY SYMPOSIUM (USENIX SECURITY '17), P1093
[5]   MapReduce based intelligent model for intrusion detection using machine learning technique [J].
Asif, Muhammad ;
Abbas, Sagheer ;
Khan, M. A. ;
Fatima, Areej ;
Khan, Muhammad Adnan ;
Lee, Sang-Woong .
JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES, 2022, 34 (10) :9723-9731
[6]  
Atlam H. F., 2018, Big Data and Cognitive Computing, V2, P10, DOI DOI 10.3390/BDCC2020010
[7]   A Deep Learning Method for Lightweight and Cross-Device IoT Botnet Detection [J].
Catillo, Marta ;
Pecchia, Antonio ;
Villano, Umberto .
APPLIED SCIENCES-BASEL, 2023, 13 (02)
[8]   The Matthews correlation coefficient (MCC) should replace the ROC AUC as the standard metric for assessing binary classification [J].
Chicco, Davide ;
Jurman, Giuseppe .
BIODATA MINING, 2023, 16 (01)
[9]   SafetyMed: A Novel IoMT Intrusion Detection System Using CNN-LSTM Hybridization [J].
Faruqui, Nuruzzaman ;
Abu Yousuf, Mohammad ;
Whaiduzzaman, Md ;
Azad, A. K. M. ;
Alyami, Salem A. ;
Lio, Pietro ;
Kabir, Muhammad Ashad ;
Moni, Mohammad Ali .
ELECTRONICS, 2023, 12 (17)
[10]   Learning precise timing with LSTM recurrent networks [J].
Gers, FA ;
Schraudolph, NN ;
Schmidhuber, J .
JOURNAL OF MACHINE LEARNING RESEARCH, 2003, 3 (01) :115-143