An Accurate Detection Approach for IoT Botnet Attacks Using Interpolation Reasoning Method
Abstract
1. Introduction
- To design a detection method against the IoT Botnet attacks using the interpolation reasoning method.
- To discuss the main characteristics that influence IDS performance in the IoT environment.
- To identify how the interpolation reasoning method extends the binary decision to the continuous space. This feature might help protect the IoT environment while also delivering more accurate results.
2. Related Works
3. Botnet Detection Using Fuzzy-Based IoT
3.1. Testbed Environment Preparation
- Denial of Service group: this group of attacks includes the denial of service attacks which aim to disrupt the normal service for the legitimate users.
- Information theft group: this group of attacks includes different types of intrusions that aim to steal the personal information of the legitimate users.
- Information gathering: this group of attacks includes the information-gathering attacks, which could be beneficial for the attackers to gather the required information about the desired victims.
- The resampling technique is applied for the studied IoT Botnet attacks dataset.
- Checking for and removing any missing observations.
- Searching for the Drate, State, and Max input parameters.
- Eliminating other network parameters.
- Storing the top-3 input parameters for the training and optimization phase.
3.2. Designing and Optimization Phase
4. Experiments and Results
Difference from Previous Works
- The suggested detection approach uses the concept of the fuzzy system and performs the interpolation technique to reduce the size of fuzzy detection rules.
- Unlike some literature detection methods, the suggested detection approach was designed and optimized using a real IoT Botnet attacks dataset.
- The efficiency of the suggested detection approach is competitive with other detection methods, despite using a few sparse detection rules.
- The issues related to the binary decision and lack of knowledge base were handled using the interpolation reasoning methods.
- The suggested detection approach generates the Botnet attacks alert in a more readable and understandable form where the level of IoT Botnet attacks could be calculated.
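An added example, not code from the paper: a sparse rule base evaluated by interpolation, so an observation that matches no rule still receives a graded attack level rather than a binary verdict. The term positions, the 0/1 alert encoding and the inverse-distance (Shepard) weighting are assumptions made here, because the page gives neither membership functions nor the interpolation formula; rule 7 (same antecedent as rule 1) and rule 10 (a repeat of rule 5) from the rule table are left out.

```python
import math

# Assumed positions of the linguistic terms on a normalised [0, 1] axis
# (constructed for this example; the page gives no membership functions).
TERM = {"VLow": 0.0, "Low": 0.2, "Medium": 0.5, "High": 1.0}

# Rules 1-6, 8 and 9 of the page's rule table: (Drate, Srate, Max) -> alert,
# with the alert encoded as 0.0 = Normal and 1.0 = Botnet Attack.
RULES = [
    (("Low", "Low", "Low"), 0.0),
    (("Low", "Low", "High"), 1.0),
    (("Low", "Low", "Medium"), 1.0),
    (("Low", "High", "Low"), 1.0),
    (("High", "High", "Medium"), 1.0),
    (("Low", "High", "Medium"), 1.0),
    (("Medium", "Low", "High"), 1.0),
    (("Low", "VLow", "VLow"), 0.0),
]


def attack_level(obs, rules=RULES, power=2.0):
    """Return a continuous attack level in [0, 1] for obs = (drate, srate, max).

    Each feature must already be normalised to [0, 1]. No rule has to match:
    every rule contributes with weight 1 / distance**power (Shepard weighting).
    """
    if len(obs) != 3 or not all(0.0 <= v <= 1.0 for v in obs):
        raise ValueError("obs must be three values in [0, 1]")
    num = den = 0.0
    for terms, alert in rules:
        dist = math.dist(obs, [TERM[t] for t in terms])
        if dist == 0.0:
            return alert  # observation sits exactly on a rule antecedent
        weight = 1.0 / dist ** power
        num += weight * alert
        den += weight
    return num / den


def label(level, threshold=0.5):
    """Collapse the continuous level to the binary alert when one is needed."""
    return "Botnet Attack" if level >= threshold else "Normal"


if __name__ == "__main__":
    # Constructed observations: Max rises from Low towards Medium.
    for max_value in (0.2, 0.25, 0.35, 0.45, 0.5):
        level = attack_level((0.2, 0.2, max_value))
        print(f"max={max_value:.2f} level={level:.3f} {label(level)}")
```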
5. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
Num | Drate | Srate | Max | Alerts |
---|---|---|---|---|
1 | Low | Low | Low | Normal |
2 | Low | Low | High | Botnet Attack |
3 | Low | Low | Medium | Botnet Attack |
4 | Low | High | Low | Botnet Attack |
5 | High | High | Medium | Botnet Attack |
6 | Low | High | Medium | Botnet Attack |
7 | Low | Low | Low | Botnet Attack |
8 | Medium | Low | High | Botnet Attack |
9 | Low | VLow | VLow | Normal |
10 | High | High | Medium | Botnet Attack |
Num | Performance Metrics | Value |
---|---|---|
1 | Sensitivity | 0.9880 |
2 | Specificity | 0.9872 |
3 | Precision | 0.9880 |
4 | Negative Predictive Value | 0.9832 |
5 | False Positive Rate | 0.0068 |
6 | False Negative Rate | 0.0291 |
7 | Computation Time | 240 Minutes |
8 | Accuracy | 0.9641 |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Almseidin, M.; Alkasassbeh, M. An Accurate Detection Approach for IoT Botnet Attacks Using Interpolation Reasoning Method. Information 2022, 13, 300. https://doi.org/10.3390/info13060300