research-article

Open access

Botnet Detection in the Internet of Things through All-in-one Deep Autoencoding

Authors:

Antonio Pecchia,

Umberto VillanoAuthors Info & Claims

ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

Article No.: 90, Pages 1 - 7

https://doi.org/10.1145/3538969.3544460

Published: 23 August 2022 Publication History

All formats PDF

Abstract

In the past years Internet of Things (IoT) has received increasing attention by academia and industry due to the potential use in several human activities; however, IoT devices are vulnerable to various types of attacks. Many existing intrusion detection proposals in the IoT leverage complex machine learning architectures, which may provide one separate model per device or per attack. These solutions are not suited to the dynamicity and scale of modern IoT environments. This paper proposes an initial analysis of the problem in the context of deep autoencoders and the detection of botnet attacks. Our findings, obtained by means of the N-BaIoT dataset, indicate that it is relatively easy to achieve impressive detection results by training-testing separate and minimal deep autoenconders on the top of the data individual IoT devices. More important, our all-in-one deep autoencoding proposal, which consists in training a single model with the benign traffic collected from different IoT devices, allows to preserve the overall detection performance obtained through separate autoencoders. The all-in-one model can pave the way for more scalable intrusion detection solutions in the context of IoT.

References

[1]

A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. 2015. Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications. IEEE Communications Surveys Tutorials 17, 4 (2015), 2347–2376.

Digital Library

[2]

M. Almiani, A. AbuGhazleh, A. Al-Rahayfeh, S. Atiewi, and A. Razaque. 2020. Deep recurrent neural network for IoT intrusion detection system. Simulation Modelling Practice and Theory 101 (2020), 102031.

[3]

M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita. 2014. Network Anomaly Detection: Methods, Systems and Tools. IEEE Communications Surveys Tutorials 16, 1 (2014), 303–336.

[4]

M. Catillo, A. Del Vecchio, A. Pecchia, and U. Villano. 2022. Transferability of machine learning models learned from public intrusion detection datasets: the CICIDS2017 case study. Software Quality Journal(2022).

[5]

M. Catillo, A. Pecchia, M. Rak, and U. Villano. 2021. Demystifying the role of public intrusion datasets: A replication study of DoS network traffic data. Computers & Security 108 (2021), 102341.

Digital Library

[6]

M. Catillo, A. Pecchia, and U. Villano. 2022. AutoLog: Anomaly detection by deep autoencoding of system logs. Expert Systems with Applications 191 (2022), 116263.

Digital Library

[7]

M. Catillo, A. Pecchia, and U. Villano. 2022. No more DoS? An empirical study on defense techniques for web server Denial of Service mitigation. Journal of Network and Computer Applications 202 (2022), 103363.

[8]

V. Chandola, A. Banerjee, and V. Kumar. 2009. Anomaly Detection: A Survey. ACM Comput. Surv. 41, 3, Article 15 (2009).

Digital Library

[9]

G. De La Torre Parra, P. Rad, K. R. Choo, and N. Beebe. 2020. Detecting Internet of Things attacks using distributed deep learning. Journal of Network and Computer Applications 163 (2020), 102662.

[10]

M. Ge, N. F. Syed, X. Fu, Z. Baig, and A. Robles-Kelly. 2021. Towards a deep learning-driven intrusion detection approach for Internet of Things. Computer Networks 186(2021), 107784.

[11]

C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas. 2017. DDoS in the IoT: Mirai and Other Botnets. Computer 50, 7 (2017), 80–84.

Digital Library

[12]

M. Lopez-Martin, B. Carro, A. Sanchez-Esguevillas, and J. Lloret. 2017. Conditional Variational Autoencoder for Prediction and Feature Recovery Applied to Intrusion Detection in IoT. Sensors 17, 9 (2017), 1967.

[13]

Y. Meidan, M. Bohadana, Y. Mathov, Y. Mirsky, A. Shabtai, D. Breitenbacher, and Y. Elovici. 2018. N-BaIoT-Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders. IEEE Pervasive Computing 17, 3 (2018), 12–22.

Digital Library

[14]

Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai. 2018. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In Proc. Network and Distributed System Security Symposium. USENIX.

[15]

G. Pang, C. Shen, L. Cao, and A. V. D. Hengel. 2021. Deep Learning for Anomaly Detection: A Review. ACM Comput. Surv. 54, 2, Article 38 (2021).

Digital Library

[16]

D Preuveneers, V. Rimmer, I. Tsingenopoulos, J. Spooren, W. Joosen, and E. Ilie-Zudor. 2018. Chained Anomaly Detection Models for Federated Learning: An Intrusion Detection Case Study. Applied Sciences 8, 12 (2018), 2663.

[17]

I. Ullah and Q. H. Mahmoud. 2020. A Scheme for Generating a Dataset for Anomalous Activity Detection in IoT Networks. In Advances in Artificial Intelligence, Cyril Goutte and Xiaodan Zhu (Eds.). Springer, 508–520.

[18]

P. Vincent, H. Larochelle, I. Lajoie, Y. Bengio, and P. A. Manzagol. 2010. Stacked Denoising Autoencoders: Learning Useful Representations in a Deep Network with a Local Denoising Criterion. Journal of Machine Learning Research 11 (2010), 3371–3408.

Digital Library

Cited By

Szymoniak SDepta FKarbowiak ŁKubanek M(2023)Trustworthy Artificial Intelligence Methods for Users’ Physical and Environmental Security: A Comprehensive ReviewApplied Sciences10.3390/app13211206813:21(12068)Online publication date: 6-Nov-2023
https://doi.org/10.3390/app132112068
Catillo MPecchia AVillano U(2023)A Deep Learning Method for Lightweight and Cross-Device IoT Botnet DetectionApplied Sciences10.3390/app1302083713:2(837)Online publication date: 7-Jan-2023
https://doi.org/10.3390/app13020837
Kauhsik BNandanwar HKatarya R(2023)IoT Security: A Deep Learning-Based Approach for Intrusion Detection and Prevention2023 International Conference on Evolutionary Algorithms and Soft Computing Techniques (EASCT)10.1109/EASCT59475.2023.10392490(1-7)Online publication date: 20-Oct-2023
https://doi.org/10.1109/EASCT59475.2023.10392490
Show More Cited By

Index Terms

Botnet Detection in the Internet of Things through All-in-one Deep Autoencoding
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems

Recommendations

A Review on IoT Botnet
CONF-CDS 2021: The 2nd International Conference on Computing and Data Science

The rapid development of the Internet of Things (IoT) also generates security threats that cannot be ignored. This paper lists the development history of botnets, introduces representative IoT botnets, and reveals their new characteristics. The botnet ...
Deep Learning for Preventing Botnet Attacks on IoT
Internet of Things, Smart Spaces, and Next Generation Networks and Systems
Abstract
The exponential rise of botnet attacks has created an urgent demand for effective intrusion detection systems within Internet of Things (IoT) environments. This study endeavors to tackle this issue by proposing a deep learning-based solution. The ...
Examining Mirai's Battle over the Internet of Things
CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security

Using hundreds of thousands of compromised IoT devices, the Mirai botnet emerged in late 2016 as a game changing threat actor, capable of temporarily taking down major Internet service providers and Internet infrastructure. Since then, dozens of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

August 2022

1371 pages

ISBN:9781450396707

DOI:10.1145/3538969

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 August 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ARES 2022

ARES 2022: The 17th International Conference on Availability, Reliability and Security

August 23 - 26, 2022

Vienna, Austria

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
738
Total Downloads

Downloads (Last 12 months)336
Downloads (Last 6 weeks)49

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Szymoniak SDepta FKarbowiak ŁKubanek M(2023)Trustworthy Artificial Intelligence Methods for Users’ Physical and Environmental Security: A Comprehensive ReviewApplied Sciences10.3390/app13211206813:21(12068)Online publication date: 6-Nov-2023
https://doi.org/10.3390/app132112068
Catillo MPecchia AVillano U(2023)A Deep Learning Method for Lightweight and Cross-Device IoT Botnet DetectionApplied Sciences10.3390/app1302083713:2(837)Online publication date: 7-Jan-2023
https://doi.org/10.3390/app13020837
Kauhsik BNandanwar HKatarya R(2023)IoT Security: A Deep Learning-Based Approach for Intrusion Detection and Prevention2023 International Conference on Evolutionary Algorithms and Soft Computing Techniques (EASCT)10.1109/EASCT59475.2023.10392490(1-7)Online publication date: 20-Oct-2023
https://doi.org/10.1109/EASCT59475.2023.10392490
Catillo MPecchia AVillano U(2023)Traditional vs Federated Learning with Deep Autoencoders: a Study in IoT Intrusion Detection2023 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)10.1109/CloudCom59040.2023.00042(208-215)Online publication date: 4-Dec-2023
https://doi.org/10.1109/CloudCom59040.2023.00042
Verma ABhattacharya PPrasad VDatt RTanwar S(2023)AutoBots: A Botnet Intrusion Detection Scheme Using Deep AutoencodersProceedings of Fourth International Conference on Computing, Communications, and Cyber-Security10.1007/978-981-99-1479-1_64(873-886)Online publication date: 2-Jul-2023
https://doi.org/10.1007/978-981-99-1479-1_64
Mahajan RKumar M(2023)Autoencoder-Based Botnet Detection for Enhanced IoT SecuritySustainable Development through Machine Learning, AI and IoT10.1007/978-3-031-47055-4_14(162-175)Online publication date: 19-Nov-2023
https://doi.org/10.1007/978-3-031-47055-4_14

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten