IoT Botnet Detection Using Autoencoders and Decision Trees

Susanto Susanto; M. Agus Syamsul Arifin; Harma Oktafia Lingga Wijaya

doi:10.32736/sisfokom.v12i3.1693

Authors

Susanto Susanto Program Studi Informatika. Fakultas Ilmu Teknik, Universitas Bina Insan
M. Agus Syamsul Arifin Program Studi Rekayasa Sistem Komputer, Fakultas Ilmu Teknik, Universitas Bina Insan
Harma Oktafia Lingga Wijaya Program Studi Sistem Informasi, Fakultas Ilmu Teknik, Universitas Bina Insan

DOI:

https://doi.org/10.32736/sisfokom.v12i3.1693

Keywords:

Botnet IoT, Dimensionality reduction, Autoencoder, Decision Tree

Abstract

The use of IoT devices has grown rapidly, leading to an increase in cyber attacks that pose greater security and privacy threats than ever before. One such threat is botnet attacks on IoT devices. An IoT botnet is a group of Internet-connected IoT devices infected with malware and remotely controlled by an attacker. Machine learning techniques can be employed to detect botnet attacks. The use of machine learning-based detection methods has been shown to be effective in identifying cyber attacks. The performance of the detection system in machine learning can be improved by utilizing data reduction methods. The data reduction process in classification is used to overcome the problem of scalability and computation resources in the IoT. This paper proposes a detection system using the Autoencoder reduction method and the Decision tree classification method. The test results demonstrate that the Deep Autoencoder algorithm can reduce data and memory usage from 1.62 GB to 75.9 MB, while also improving the performance of decision tree classification, resulting in a high level of accuracy up to 100%. The Autoencoder approach in conjunction with the Decision Tree exhibits superior capabilities compared to previous studies.

References

S. Nižetić, P. Šolić, D. López-de-Ipiña González-de-Artaza, and L. Patrono, “Internet of Things (IoT): Opportunities, issues and challenges towards a smart and sustainable future,” J. Clean. Prod., vol. 274, 2020, doi: 10.1016/j.jclepro.2020.122877.

W. Zhou, Y. Jia, A. Peng, Y. Zhang, and P. Liu, “The effect of IoT new features on security and privacy: New threats, existing solutions, and challenges yet to be solved,” IEEE Internet Things J., vol. 6, no. 2, pp. 1606–1616, 2019, doi: 10.1109/JIOT.2018.2847733.

Susanto, M. A. Syamsul Arifin, D. Stiawan, M. Y. Idris, and R. Budiarto, “The trend malware source of IoT network,” Indones. J. Electr. Eng. Comput. Sci., vol. 22, no. 1, pp. 450–459, 2021, doi: 10.11591/ijeecs.v22.i1.pp450-459.

M. Alshamkhany, W. Alshamkhany, M. Mansour, M. Khan, S. Dhou, and F. Aloul, “Botnet Attack Detection using Machine Learning,” in Proc. 14th International Conference on Innovations in Information Technology, IIT, 2020, no. November, pp. 203–208.

Z. Shao, S. Yuan, and Y. Wang, “Adaptive online learning for IoT botnet detection,” Inf. Sci. (Ny)., vol. 574, pp. 84–95, 2021, doi: 10.1016/j.ins.2021.05.076.

S. Srinivasan and D. P, “Enhancing the security in cyber-world by detecting the botnets using ensemble classification based machine learning,” Meas. Sensors, vol. 25, no. December 2022, p. 100624, 2023, doi: 10.1016/j.measen.2022.100624.

C. Maudoux, S. Boumerdassi, A. Barcello, and E. Renault, “Combined Forest: A New Supervised Approach for a Machine-Learning-based Botnets Detection,” 2021 IEEE Glob. Commun. Conf. GLOBECOM 2021 - Proc., pp. 1–6, 2021, doi: 10.1109/GLOBECOM46510.2021.9685261.

S. Miller and C. Busby-Earle, “The role of machine learning in botnet detection,” 2016 11th Int. Conf. Internet Technol. Secur. Trans. ICITST 2016, no. December, pp. 359–364, 2017.

Susanto, D. Stiawan, M. A. S. Arifin, J. Rejito, M. Y. Idris, and R. Budiarto, “A Dimensionality Reduction Approach for Machine Learning Based IoT Botnet Detection,” Int. Conf. Electr. Eng. Comput. Sci. Informatics, vol. 2021–Octob, no. October, pp. 26–30, 2021, doi: 10.23919/EECSI53397.2021.9624299.

I. Czarnowski and P. Jȩdrzejowicz, “An approach to data reduction for learning from big datasets: Integrating stacking, rotation, and agent population learning techniques,” Complexity, vol. 2018, 2018, doi: 10.1155/2018/7404627.

M. H. ur Rehman, C. S. Liew, A. Abbas, P. P. Jayaraman, T. Y. Wah, and S. U. Khan, “Big Data Reduction Methods: A Survey,” Data Sci. Eng., vol. 1, no. 4, pp. 265–284, 2016, doi: 10.1007/s41019-016-0022-0.

H. Bahsi, S. Nomm, and F. B. La Torre, “Dimensionality Reduction for Machine Learning Based IoT Botnet Detection,” in Proc. 2018 15th International Conference on Control, Automation, Robotics and Vision, ICARCV, 2018, pp. 1857–1862.

S. Nomm and H. Bahsi, “Unsupervised Anomaly Based Botnet Detection in IoT Networks,” in Proc.- 17th IEEE International Conference on Machine Learning and Applications, ICMLA, 2019, pp. 1048–1053.

Susanto et al., “Dimensional Reduction With Fast ICA for IoT Botnet Detection,” J. Appl. Secur. Res., vol. 0, no. 0, pp. 1–24, 2022, doi: 10.1080/19361610.2022.2079906.

M. Alqahtani, H. Mathkour, and M. M. Ben Ismail, “IoT botnet attack detection based on optimized extreme gradient boosting and feature selection,” Sensors (Switzerland), vol. 20, no. 21, pp. 1–21, 2020, doi: 10.3390/s20216336.

Y. Wang, H. Yao, and S. Zhao, “Auto-encoder based dimensionality reduction,” Neurocomputing, vol. 184, pp. 232–242, 2016, doi: 10.1016/j.neucom.2015.08.104.

Y. Liu and S. Yang, “Application of Decision Tree-Based Classification Algorithm on Content Marketing,” J. Math., vol. 2022, 2022, doi: 10.1155/2022/6469054.

Y. Meidan et al., “N-BaIoT-Network-based detection of IoT botnet attacks using deep autoencoders,” IEEE Pervasive Comput., vol. 17, no. 3, pp. 12–22, Sep. 2018, doi: 10.1109/MPRV.2018.03367731.

Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai, “Kitsune: An ensemble of autoencoders for online network intrusion detection,” arXiv, no. February, pp. 18–21, 2018.

Y. N. Kunang, S. Nurmaini, D. Stiawan, A. Zarkasi, and F. Jasmir, “Automatic Features Extraction Using Autoencoder in Intrusion Detection System,” in Proceedings of 2018 International Conference on Electrical Engineering and Computer Science, ICECOS 2018, 2019, vol. 17, pp. 219–224, doi: 10.1109/ICECOS.2018.8605181.

A. L. Buczak and E. Guven, “A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection,” IEEE Commun. Surv. Tutorials, vol. 18, no. 2, pp. 1153–1176, 2016, doi: 10.1109/COMST.2015.2494502.

A. Banjongkan, W. Pongsena, N. Kerdprasop, and K. Kerdprasop, “A study of job failure prediction at job submit-state and job start-state in high-performance computing system: Using decision tree algorithms,” J. Adv. Inf. Technol., vol. 12, no. 2, pp. 84–92, 2021, doi: 10.12720/jait.12.2.84-92.

A. Tharwat, “Classification assessment methods,” Appl. Comput. Informatics, vol. 17, no. 1, pp. 168–192, 2021, doi: 10.1016/j.aci.2018.08.003.