Journal of Intelligent Systems and Internet of Things

Journal DOI

https://doi.org/10.54216/JISIoT

ISSN (Online): 2690-6791 | ISSN (Print): 2769-786X

Volume 3, Issue 2, PP: 68-84, 2021 | Full Length Article

Intelligent system for IoT botnet detection using SVM and PSO optimization

Mahmoud A. Salam 1 *

  • 1 Faculty of Computers and Information, Mansoura University, Egypt - (maasalam99@yahoo.com)
  • Doi: https://doi.org/10.54216/JISIoT.030203

    Received: April 13, 2021 Accepted: July 19, 2021
    Abstract

    Botnet attacks involving Internet-of-Things (IoT) devices have skyrocketed in recent years due to the proliferation of internet-connected IoT devices that can be readily infiltrated. Botnets are a common threat: they exploit the absence of basic IoT security technologies and can perform several DDoS attacks. Existing IoT botnet detection methods still have issues, such as relying on labeled data, not being validated with newer botnets, and using very complex machine learning algorithms. This makes the development of new methods to detect compromised IoT devices urgent, in order to reduce the negative implications of these IoT botnets. Because of the vast amount of normal data accessible, anomaly detection algorithms seem promising for identifying botnet attacks on the IoT. The One-Class Support Vector Machine (ONE-SVM) is a strong method for anomaly detection. Many aspects influence the classification outcomes of the ONE-SVM technique, such as the subset of features used to train the ONE-SVM model and the hyperparameters of the kernel. This paper describes an evolutionary IoT botnet detection algorithm. The Particle Swarm Optimization (PSO) technique is used to tune the hyperparameters of the ONE-SVM to detect IoT botnet attacks launched from compromised IoT devices. A new version of a real benchmark dataset is used to evaluate the proposed method's performance using traditional anomaly detection evaluation measures. According to the testing results, this technique outperforms all existing algorithms in terms of false positive rate, true positive rate, and G-mean for all IoT device categories. It also achieves the shortest detection time while lowering the number of selected features by a significant amount.

    Keywords:

    Botnets, IoT, Particle Swarm, Anomaly detection, Feature selection, One class support vector machine, Intrusion detection system.
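
The approach described in the abstract, sketched as an added example (not the paper's code): a global-best PSO searches the ONE-SVM's `nu` and RBF `gamma`, with the model trained on benign traffic only. The synthetic data, search bounds, swarm settings and the use of G-mean as the fitness function are assumptions, and feature selection is left out.

```python
import numpy as np
from sklearn.svm import OneClassSVM

# Constructed data (not from the paper): 5 features, benign near 0, attack shifted.
_rng = np.random.default_rng(0)
BENIGN_TRAIN = _rng.normal(0.0, 1.0, size=(300, 5))
BENIGN_VAL = _rng.normal(0.0, 1.0, size=(150, 5))
ATTACK_VAL = _rng.normal(4.0, 1.0, size=(150, 5))

# Search space: nu and log10(gamma) of the RBF kernel (bounds are assumptions).
LOW, HIGH = np.array([0.01, -4.0]), np.array([0.5, 1.0])

def g_mean(nu, gamma):
    """Fit on benign traffic only; return sqrt(TPR * TNR) on validation data."""
    model = OneClassSVM(kernel="rbf", nu=nu, gamma=gamma).fit(BENIGN_TRAIN)
    tnr = np.mean(model.predict(BENIGN_VAL) == 1)    # benign accepted as normal
    tpr = np.mean(model.predict(ATTACK_VAL) == -1)   # attack flagged as anomaly
    return float(np.sqrt(tpr * tnr))

def fitness(positions):
    return np.array([g_mean(p[0], 10.0 ** p[1]) for p in positions])

def pso_tune(n_particles=8, n_iter=10, w=0.7, c1=1.5, c2=1.5, seed=1):
    """Global-best PSO maximising G-mean; returns best parameters and history."""
    rng = np.random.default_rng(seed)
    pos = rng.uniform(LOW, HIGH, size=(n_particles, 2))
    vel = np.zeros_like(pos)
    pbest, pbest_fit = pos.copy(), fitness(pos)
    g = int(np.argmax(pbest_fit))
    gbest, gbest_fit = pbest[g].copy(), float(pbest_fit[g])
    history = [gbest_fit]
    for _ in range(n_iter):
        r1, r2 = rng.random(pos.shape), rng.random(pos.shape)
        # Inertia + pull toward each particle's best + pull toward swarm best.
        vel = w * vel + c1 * r1 * (pbest - pos) + c2 * r2 * (gbest - pos)
        pos = np.clip(pos + vel, LOW, HIGH)
        fit = fitness(pos)
        better = fit > pbest_fit
        pbest[better], pbest_fit[better] = pos[better], fit[better]
        g = int(np.argmax(pbest_fit))
        if pbest_fit[g] > gbest_fit:
            gbest, gbest_fit = pbest[g].copy(), float(pbest_fit[g])
        history.append(gbest_fit)
    return {"nu": float(gbest[0]), "gamma": float(10.0 ** gbest[1]),
            "g_mean": gbest_fit, "history": history}

if __name__ == "__main__":
    print(pso_tune())
```

The `history` list holds the swarm's best G-mean after each iteration, so a flat tail indicates the search has converged within the chosen bounds.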

    Cite This Article As :
    A., Mahmoud. Intelligent system for IoT botnet detection using SVM and PSO optimization. Journal of Intelligent Systems and Internet of Things, vol. 3, no. 2, 2021, pp. 68-84. DOI: https://doi.org/10.54216/JISIoT.030203