TL-BILSTM IoT: transfer learning model for prediction of intrusion detection system in IoT environment

The ubiquity of the Internet-of-Things (IoT) systems across various industries, smart cities, health care, manufacturing, and government services has led to an increased risk of security attacks, jeopardizing data integrity, confidentiality, and availability. Consequently, ensuring the resilience of IoT systems demands a paramount focus on cybersecurity. This manuscript proposes a robust model specifically designed to detect and classify botnet attacks in IoT environments. The proposed model utilizes a hybrid CNN-BILSTM with transfer learning (TL-BILSTM) to detect and classify different types of Mirai and BASHLITE attacks across nine types of IoT devices. In this study, we used a publically available dataset consisting of legitimate and malicious network packets that were gathered from a real-time laboratory connected to camera devices in the IoT environment. Experimental results demonstrate that the proposed model achieves good-fit performance based on evaluation metrics. Specifically, the proposed model achieves a testing accuracy of 99.52%, a training accuracy of 99.55%, and a loss of 0. 0150. The results underscore the superior accuracy of our proposed model, especially within the N_BaIoT dataset, where it attains a remarkable accuracy of 99.52% across ten classes, surpassing cutting-edge techniques by a significant margin ranging from 3.2% to 16.07%. Furthermore, the proposed model proves effective in enhancing the accuracy of detecting and classifying botnet attacks compared to state-of-the-art anomaly detection systems in IoT based on real-time IoT devices dataset.