VAE-Based Latent Representations Learning for Botnet Detection in IoT Networks

被引:8
作者
Snoussi, Ramzi [1 ]
Youssef, Habib [1 ]
机构
[1] Univ Sousse, Prince Lab, ISITCOM Hammam Sousse, Sousse, Tunisia
关键词
Anomaly detection; Botnet detection; Variational AutoEncoder; One-class classification; Latent representations learning; INTERNET; THINGS;
D O I
10.1007/s10922-022-09690-4
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Botnets pose significant threats to cybersecurity. The infected Internet of Things (IoT) devices are used to launch unsupported malicious activities on target entities to disrupt their operations and services. To address this danger, we propose a machine learning-based method, for detecting botnets by analyzing network traffic data flow including various types of botnet attacks. Our method uses a hybrid model where a Variational AutoEncoder (VAE) is trained in an unsupervised manner to learn latent representations that describe the benign traffic data, and one-class classifier (OCC) for detecting anomaly (also called novelty detection). The main aim of this research is to learn the discriminating representations of the normal data in low dimensional latent space generated by VAE, and thus improve the predictive power of the OCC to detect malicious traffic. We have evaluated the performance of our model, and compared it against baseline models using a real network based dataset, containing popular IoT devices, and presenting a wide variety of attacks from two recent botnet families Mirai and Bashlite. Tests showed that our model can detect botnets with a satisfactory performance.
引用
收藏
页数:24
相关论文
共 47 条
[1]   Landscape of IoT security [J].
Aidoo, Andy ;
Schiller, Eryk ;
Fuhrer, Jara ;
Stahl, Jonathan ;
Ziorjen, Michael ;
Stiller, Burkhard .
COMPUTER SCIENCE REVIEW, 2022, 44
[2]   Unsupervised intelligent system based on one class support vector machine and Grey Wolf optimization for IoT botnet detection [J].
Al Shorman, Amaal ;
Faris, Hossam ;
Aljarah, Ibrahim .
JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2020, 11 (07) :2809-2825
[3]  
[Anonymous], 2021, IMPLEMENTATION DEEP
[4]   The Internet of Things: A survey [J].
Atzori, Luigi ;
Iera, Antonio ;
Morabito, Giacomo .
COMPUTER NETWORKS, 2010, 54 (15) :2787-2805
[5]   Representation Learning: A Review and New Perspectives [J].
Bengio, Yoshua ;
Courville, Aaron ;
Vincent, Pascal .
IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, 2013, 35 (08) :1798-1828
[6]   Botnets and Internet of Things Security [J].
Bertino, Elisa ;
Islam, Nayeem .
COMPUTER, 2017, 50 (02) :76-79
[7]   Variational Inference: A Review for Statisticians [J].
Blei, David M. ;
Kucukelbir, Alp ;
McAuliffe, Jon D. .
JOURNAL OF THE AMERICAN STATISTICAL ASSOCIATION, 2017, 112 (518) :859-877
[8]   LOF: Identifying density-based local outliers [J].
Breunig, MM ;
Kriegel, HP ;
Ng, RT ;
Sander, J .
SIGMOD RECORD, 2000, 29 (02) :93-104
[9]   A Hybrid Autoencoder and Density Estimation Model for Anomaly Detection [J].
Cao, Van Loi ;
Nicolau, Miguel ;
McDermott, James .
PARALLEL PROBLEM SOLVING FROM NATURE - PPSN XIV, 2016, 9921 :717-726
[10]  
Chenxi Dong, 2018, 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). Proceedings, P680, DOI 10.1109/DSC.2018.00108