IoT Botnet Malware Classification Using Weka Tool and Scikit-learn Machine Learning

Susanto, Susanto; Stiawan, Deris; Arifin, Mohammad; Idris, Mohd. Yazid; Budiarto, Rahmat

doi:10.23919/eecsi50503.2020.9251304

Cited by 8 publications

(5 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As this study proposes a bitmap-based compression technique that expresses the log data simply, simple machinelearning models are used to classify the log data. The conventional method refers to a study that classifies malicious IoT traffic data using various machine-learning algorithms [31]. The random forest (RF), DT, Naive Bayes (NB), and gradient boosting algorithms were used in the comparative study.…”

Section: Evaluation Results and Analysismentioning

confidence: 99%

Malicious Traffic Compression and Classification Technique for Secure Internet of Things

Lee,

Park,

Kim

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

With the introduction of 5G technology, the application of Internet of Things (IoT) devices is expanding to various industrial fields. However, introducing a robust, lightweight, low-cost, and low-power security solution to the IoT environment is challenging. Therefore, this study proposes two methods using a data compression technique to detect malicious traffic efficiently and accurately for a secure IoT environment. The first method, compressed sensing and learning (CSL), compresses an event log in a bitmap format to quickly detect attacks. Then, the attack log is detected using a machine-learning classification model. The second method, precise re-learning after CSL (Ra-CSL), comprises a two-step training. It uses CSL as the 1st step analyzer, and the 2nd step analyzer is applied using the original dataset for a log that is detected as an attack in the 1st step analyzer. In the experiment, the bitmap rule was set based on the boundary value, which was 99.6% true positive on average for the attack and benign data found by analyzing the training data. Experimental results showed that the CSL was effective in reducing the training and detection time, and Ra-CSL was effective in increasing the detection rate. According to the experimental results, the data compression technique reduced the memory size by up to 20% and the training and detection times by 67% when compared with the conventional technique. In addition, the proposed technique improves the detection accuracy; the Naive Bayes model with the highest performance showed a detection rate of approximately 99%.

show abstract

Section: Evaluation Results and Analysismentioning

confidence: 99%

Malicious Traffic Compression and Classification Technique for Secure Internet of Things

Lee,

Park,

Kim

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

show abstract

“…Therefore, it is critical to improve the security and privacy aspects of IoT devices and protect them against malware. Many types of research and studies are conducted to protect IoT devices against malware, and one such method is to use centralized techniques such as Machine Learning [1], [12] and Deep Learning [13], [14]. However, these centralized learning techniques share the user's private data with a centralized server to train the models.…”

Section: A Motivationmentioning

confidence: 99%

IoT Malware Analysis Using Federated Learning: A Comprehensive Survey

2023

View full text Add to dashboard Cite

The Internet of Things (IoT) has paved the way to a highly connected society where all things are interconnected and exchanging information has become more accessible through the internet. With the use of IoT devices, the threat of malware has increased rapidly. The increased number of existing and new malware variants has made protecting IoT devices and networks challenging. The malware can hide in the systems and disables its activity when there are attempts to discover and detect them. With technological advances, there are various emerging techniques to address this problem. However, they still encounter issues concerning the privacy and security of the user's data and suffer from a single point of failure. To address this issue, there are recent research developments conducted to use Federated Learning (FL). FL is a decentralized technique that trains the user's data on-device and exchanges the parameters without sharing the user's data. FL is implemented to secure the user's data, provide safe and accurate models, and prevent the single point of failure in the centralized models. This paper provides an overview of different approaches that integrate FL with IoT. Finally, we discuss the applications of FL, the research challenges, and future research directions.

show abstract

“…In general, the security issues faced by IoT devices are malware, weak password protection, exploitation, skill gaps, poor device management, insecure protocols, data leakage, firewall, secure booting, intrusion deception threat (IDT), authentication, and encryption [21][22][23]. Different methods have been utilized as defense strategies, such as (1) distributed deep learning (DDL) [24], (2) adversarial deep learning (ADL) [25], (3) the bidirectional short term memory based recurrent neural network (BLSTM-RNN) [26], (4) the artificial neural network (ANN) [27], (5) the deep neural network (DNN) [28], (6) existing network intrusion detection system (NIDS) implementation tools [29], (7) tensor DNN [30], (8) adversarial machine learning and other traditional methods (such as Petri Net) [25], (9) cloud-based distributed deep learning frameworks-(a) distributed convolution neural networks and (b) cloud based temporal long-short term memory [31]- (10) the uniform intrusion detection method [32], (11) the deep-learning-based intrusion detection system method with the combination of spider monkey optimization and a stacked-deep polynomial network [33], (12) the baptized BotIDS-based convolutional neural network [34], (13) CorrAUC [35], (14) K-nearest neighbors (KNN) and LSVM [36], (15) random forest (RF) [36][37][38], (16) neural networks [36,38], (17) decision trees (DTs) [36,37], and (18) supervised, unsupervised, semi-supervised, and reinforcement techniques [39,…”

Section: Defense Strategies and The Motivation For This Workmentioning

confidence: 99%

Learning-Based Methods for Cyber Attacks Detection in IoT Systems: A Survey on Methods, Analysis, and Future Prospects

et al. 2022

View full text Add to dashboard Cite

Internet of Things (IoT) is a developing technology that provides the simplicity and benefits of exchanging data with other devices using the cloud or wireless networks. However, the changes and developments in the IoT environment are making IoT systems susceptible to cyber attacks which could possibly lead to malicious intrusions. The impacts of these intrusions could lead to physical and economical damages. This article primarily focuses on the IoT system/framework, the IoT, learning-based methods, and the difficulties faced by the IoT devices or systems after the occurrence of an attack. Learning-based methods are reviewed using different types of cyber attacks, such as denial-of-service (DoS), distributed denial-of-service (DDoS), probing, user-to-root (U2R), remote-to-local (R2L), botnet attack, spoofing, and man-in-the-middle (MITM) attacks. For learning-based methods, both machine and deep learning methods are presented and analyzed in relation to the detection of cyber attacks in IoT systems. A comprehensive list of publications to date in the literature is integrated to present a complete picture of various developments in this area. Finally, future research directions are also provided in the paper.

show abstract

IoT Botnet Malware Classification Using Weka Tool and Scikit-learn Machine Learning

Cited by 8 publications

References 24 publications

Malicious Traffic Compression and Classification Technique for Secure Internet of Things

Malicious Traffic Compression and Classification Technique for Secure Internet of Things

IoT Malware Analysis Using Federated Learning: A Comprehensive Survey

Learning-Based Methods for Cyber Attacks Detection in IoT Systems: A Survey on Methods, Analysis, and Future Prospects

Contact Info

Product

Resources

About