Feature Analysis of IoT Botnet Attacks based on RNN and LSTM

  IJETT-book-cover  International Journal of Engineering Trends and Technology (IJETT)          
  
© 2020 by IJETT Journal
Volume-68 Issue-4
Year of Publication : 2020
Authors : Jiyeon Kim, Hyerin Won, Minsun Shim, Seungah Hong, Eunjung Choi
  10.14445/22315381/IJETT-V68I4P208S

MLA 

MLA Style: Jiyeon Kim, Hyerin Won, Minsun Shim, Seungah Hong, Eunjung Choi  "Feature Analysis of IoT Botnet Attacks based on RNN and LSTM" International Journal of Engineering Trends and Technology 68.4(2020):43-47. 

APA Style: Jiyeon Kim, Hyerin Won, Minsun Shim, Seungah Hong, Eunjung Choi. Feature Analysis of IoT Botnet Attacks based on RNN and LSTM  International Journal of Engineering Trends and Technology, 68(4),43-47.

Abstract
As the number of IoT devices rapidly increases, attacks targeting IoT devices also increase. In the IoT environment, IoT devices are vulnerable to network attacks because IoT devices are connected to the network to process collected data through the internet. In order to detect IoT attacks, developing a security solution considering characteristics of various types of IoT devices is necessary. However, it is challenging to develop a customized security solution for each type of the IoT device. Especially, traditional rule-based detection techniques would trigger massive false alarms. In this paper, we employ deep learning (DL) techniques that train empirical data. We focus on botnet attacks targeting IoT devices and develop a DL-based botnet detection system using a Recurrent Neural Network (RNN) model as well as Long Short-Term Memory (LSTM) model. As a dataset, we use N-BaIoT which is generated by injecting botnet attacks into various types of IoT devices. We train the dataset based on the DL-based system and analyse features that improve performance of the botnet detection.

Reference

[1] S. Chen, H. Xu, D. Liu, B. Hu, and H. Wang, ―A vision of iot: Applications, challenges, and opportunities with china perspective,‖ IEEE Internet of Things journal, vol. 1, no. 4, pp. 349–359, 2014.
[2] Z. Zhang, M. Cho, C. Wang, C. Hsu, C. Chen, S. Shieh, ―IoT Security: Ongoing Challenges and Research Opportunities,”, 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications, pp. 2163- 2871.
[3] J. Liu, Y. Xiao, and C. L. P. Chen, ―Authentication and Access Control in the Internet of Things,” IEEE 32nd International Conference.
[4] Cole, Peter H., and Damith C. Ranasinghe, ―Networked RFID systems and lightweight cryptography,‖ Springer, 2008.
[5] A. Cui and S. J. Stolfo, ―Reflections on the engineering and operation of a large-scale embedded device vulnerability scanner,” BADGERS, 2011.
[6] X. Xu, ―Study on Security Problems and Key Technologies of the Internet of Things,‖ Computational and Information Sciences (ICCIS), 2013 Fifth International Conference, pp.407,410, 21-23, 2013.
[7] S. Hettich and S. Bay, ―KDD Cup 1999 Data - The UCI KDD Archive. Irvine, CA: University of California, Department of Information and Computer Science.‖ 1999. [Online]. Available: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
[8] ―NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB,‖ 2016. [Online]. Available: http://www.unb.ca/cic/research/datasets/nsl.html
[9] N. Moustafa and J. Slay, ―UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSWNB15 network data set),‖ in 2015 Military Communications and Information Systems Conference (MilCIS), Nov. 2015, pp. 1–6.
[10] C. I. for Cybersecurity (CIC), ―IDS 2017 | Datasets | Research | Canadian Institute for Cybersecurity | UNB,‖ 2017. [Online]. Available: https://www.unb.ca/cic/datasets/ids-2017.html
[11] ―CSE-CIC-IDS2018 | Datasets | Research | Canadian Institute for Cybersecurity | UNB,‖ 2018. [Online]. Available: https://www.unb.ca/cic/datasets/ids-2018.html
[12] J, Cañedo, A. Skjellum, ―Using machine learning to secure IoT systems,” 2016 14th Annual Conference on Privacy, Security and Trust (PST), 2016.
[13] Y. Meidan, M. Bohadana, A. shabtai, ―ProfilIoT: A Machine Learning Approach for IoT Device Identification Based on Network Traffic Analysis,” SAC '17: Proceedings of the Symposium on Applied Computing, pp. 506-509, 2017.
[14] Y. Meidan, M. Bohadana, A. shabtai, ―Detection of Unauthorized IoT Devices Using Machine Learning Techniques,‖ arXiv, 2017.
[15] IV Kotenko, I Saenko, A Branitskiy, ―Applying Big Data Processing and Machine Learning Methods for Mobile Internet of Things Security Monitoring,‖ Internet Serv. Inf. Secur., 2018.
[16] C. D. McDermott, F. Majdani, A. V. Petrovski, ―Botnet Detection in the Internet of Things using Deep Learning Approaches,” International Joint Conference on Neural Networks (IJCNN), 2018.
[17] B. A. Tama, K. Rhee, “Attack Classification Analysis of IoT Network via Deep learning Approach,”, 2018.
[18] D. W. Vilela, T. F. Ed‘Wilson, A. A. Shinoda, N. V. de Souza Araujo, R. de Oliveira, and V. E. Nascimento. A dataset for evaluating intrusion detection systems in IEEE 802.11 wireless networks. In Proc. of the 2014 IEEE Colombian Conference on Communications and Computing (COLCOM‘14), Bogota, Colombia, pages 1–5. IEEE, 2014.
[19] R. Das, A. Gardre, S. Zhang, S. Kumar, J. M. F. Moura, ―A Deep Learning Approach to IoT Authentication,‖ 2018 IEEE International Conference on Communications (ICC), 2018.
[20] C. Thamilarasu, S. Chawla, ―Towards Deep-Learning- Driven Intrusion Detection for the Internet of Things,‖ 2019.
[21] O. Brun, Y. Yin, J. Augusto, M. Ramos, E. Celenbe, ―IoT Attack Detection with Deep Learning‖, 2019.
[22] MEIDAN, Yair, et al. N-baiot—network-based detection of iot botnet attacks using deep autoencoders. IEEE Pervasive Computing, 2018, 17.3: 12-22.

Keywords
Internet of Things, Attacks, Botnets, NBaIoT, Deep learning, Recurrent neural network, Long Short-Term Memory