Traffic Based Sequential Learning During Botnet Attacks to Identify Compromised IoT Devices

Gelenbe, Erol; Nakıp, Mert

doi:10.1109/access.2022.3226700

Cited by 16 publications

(4 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Ref. 39, a unique online hacked device identification system (CDIS) is presented to accurately detect and identify IoT devices and IP addresses that botnets have hacked. The CDIS utilizes traffic analysis and sequence learning algorithms to accurately detect hacked devices, even when they create minimal traffic.…”

Section: Literature Reviewmentioning

confidence: 99%

Healthcare security in cloud‐based wireless sensor networks: Botnet attack detection via autoencoder‐aided goal‐based artificial intelligent agent

Chellathurai Amirthabai,

Malhotra,

Thapasimuthu Rajeswari

et al. 2024

Concurrency and Computation

View full text Add to dashboard Cite

SummaryThis paper presents a new method in the field of healthcare security that specifically targets cloud‐based wireless sensor networks (WSNs). The suggested method integrates a goal‐based artificial intelligent agent (GAIA) with an autoencoder (AE) architecture, yielding an autoencoder‐based agent (AE‐A). The main goal of this integrated system is to improve the efficiency of identifying botnet assaults, with a specific emphasis on the evolving security threats related to cloud computing. Our concept is around creating a meticulously calibrated, goal‐driven AI agent tailored explicitly for healthcare applications. The agent meticulously analyses network data and proficiently integrates autoencoder‐enhanced anomaly detection techniques to uncover intricate patterns indicative of botnet activities. The adaptability of the goal‐based AI agent is improved by ongoing real‐time learning, guaranteeing that its responses are in line with the primary goal of neutralizing threats. The autoencoder serves a vital role in the system by functioning as a tool for extracting features. This approach enables the AI Agent to navigate complex information and derive significant insights efficiently. Cloud computing resources greatly enhance the functionalities of a system, enabling scalability, real‐time analysis, and improved responsiveness. Utilizing goal‐driven AI and autoencoder together proves to be a successful strategy in safeguarding healthcare‐oriented WSNs against botnet attacks. This technique takes a proactive stance in ensuring the security of sensitive medical data. The suggested model is evaluated against various models, including the bidirectional long short‐term memory (BLSTM) method, the hybrid BLSTM with recurrent neural network (BLSTM‐RNN) algorithm, and the Random Forest algorithm. The models are evaluated using metrics such as Matthews correlation coefficient (MCC), prediction rate, accuracy, recall, precision, and F1 score analysis. The investigation demonstrates that the suggested model achieved the most significant values of 93% MCC, 94% prediction rate, 91% accuracy, 98% recall, 98% precision, and 98% F1 score, respectively when compared to the existing models.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Healthcare security in cloud‐based wireless sensor networks: Botnet attack detection via autoencoder‐aided goal‐based artificial intelligent agent

Chellathurai Amirthabai,

Malhotra,

Thapasimuthu Rajeswari

et al. 2024

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…Moreover, this approach mitigated the execution time, memory consumption and energy deployment as compared to other methods. E. Gelenbe, et.al (2022) established a new online Compromised Device Identification System (CDIS) for recognizing Internet of Things (IoT) devices infected with a Botnet attack which transmitted the packets [23]. This system aimed to select particular parameters whose extraction was done from network traffic, and training from online model when it was operated normally using an Auto-Associative Dense Random Neural Network (AADRNN) model.…”

Section: Literature Reviewmentioning

confidence: 99%

Optimization Algorithms with Machine Learning to Improve Security of Internet of Things

Zakiya Manzoor Khan,

2023

IJRITCC

View full text Add to dashboard Cite

The IOT network traffic classification is the approach which helps to analyse IOT network traffic. The network traffic analysis can to various network activities. The network traffic analysis process has various steps which include data input, pre-processing, feature extraction, classification and performance analysis. The various machine learning algorithms is proposed in the previous years but those algorithms are unable to achieve high accuracy. The algorithms which are already proposed is unable to extract features from the dataset. To propose algorithm which can extract features from the dataset and achieve high accuracy for the network traffic classification is the motivation this research work. To achieve high accuracy hybrid optimization algorithm is proposed in this paper which is the combination of genetic and PSO algorithm. The hybrid optimization algorithm extract features and later it will be classified using Random Forest. The proposed model is implemented in python and results is achieved in terms of accuracy, precision, recall.

show abstract

“…One of the key advantages of GNNs in botnet detection lies in their ability to handle the sequential nature of botnet attacks [9,10]. Botnets often exhibit dynamic and evolving behaviors over time, which conventional methods struggle to model effectively.…”

Section: Introductionmentioning

confidence: 99%

GNN-Based Network Traffic Analysis for the Detection of Sequential Attacks in IoT

Altaf,

Wang,

et al. 2024

Electronics

View full text Add to dashboard Cite

This research introduces a novel framework utilizing a sequential gated graph convolutional neural network (GGCN) designed specifically for botnet detection within Internet of Things (IoT) network environments. By capitalizing on the strengths of graph neural networks (GNNs) to represent network traffic as complex graph structures, our approach adeptly handles the temporal dynamics inherent to botnet attacks. Key to our approach is the development of a time-stamped multi-edge graph structure that uncovers subtle temporal patterns and hidden relationships in network flows, critical for recognizing botnet behaviors. Moreover, our sequential graph learning framework incorporates time-sequenced edges and multi-edged structures into a two-layered gated graph model, which is optimized with specialized message-passing layers and aggregation functions to address the challenges of time-series traffic data effectively. Our comparative analysis with the state of the art reveals that our sequential gated graph convolutional neural network achieves substantial improvements in detecting IoT botnets. The proposed GGCN model consistently outperforms the conventional model, achieving improvements in accuracy ranging from marginal to substantial—0.01% for BoT IoT and up to 25% for Mirai. Moreover, our empirical analysis underscores the GGCN’s enhanced capabilities, particularly in binary classification tasks, on imbalanced datasets. These findings highlight the model’s ability to effectively navigate and manage the varying complexity and characteristics of IoT security threats across different datasets.

show abstract

Traffic Based Sequential Learning During Botnet Attacks to Identify Compromised IoT Devices

Cited by 16 publications

References 46 publications

Healthcare security in cloud‐based wireless sensor networks: Botnet attack detection via autoencoder‐aided goal‐based artificial intelligent agent

Healthcare security in cloud‐based wireless sensor networks: Botnet attack detection via autoencoder‐aided goal‐based artificial intelligent agent

Optimization Algorithms with Machine Learning to Improve Security of Internet of Things

GNN-Based Network Traffic Analysis for the Detection of Sequential Attacks in IoT

Contact Info

Product

Resources

About