Toward a deep learning-based intrusion detection system for IoT against botnet attacks

Idriss Idrissi, Mohammed Boukabous, Mostafa Azizi, Omar Moussaoui, Hakim El Fadili

Abstract


The massive network traffic data between connected devices in the Internet of Things have taken a big challenge to many traditional intrusion detection systems (IDS) to find probable security breaches. However, security attacks lean towards unpredictability. There are numerous difficulties to build up adaptable and powerful IDS for IoT in order to avoid false alerts and ensure a high recognition precision against attacks, especially with the rising of Botnet attacks. These attacks can even make harmless devices becoming zombies that send malicious traffic and disturb the network. In this paper, we propose a new IDS solution, baptized BotIDS, based on Deep Learning convolutional neural networks (CNN). The main interest of this work is to design, implement and test our IDS against some well-known Botnet attacks using a specific Bot-IoT dataset. Compared to other deep learning techniques, such as simple RNN, LSTM and GRU, the obtained results of our BotIDS are promising with 99.94% in validation accuracy, 0.58% in validation loss, and the prediction execution time is less than 0.34 ms.

Keywords


Bot-IoT, Botnet, CNN, DL, GRU, IDS, IoT, LSTM, RNN

References


“Internet of Things (IoT) - The future of IoT miniguide: The burgeoning IoT market continues - Cisco.” [Online]. Available: https://www.cisco.com/c/en/us/solutions/internet-of-things/future-of-iot.html. [Accessed: 06-Jun-2020].

J. Singh, T. Pasquier, J. Bacon, H. Ko, and D. Eyers, “Twenty Security Considerations for Cloud-Supported Internet of Things,” IEEE Internet Things J., vol. 3, no. 3, pp. 269–284, Jun. 2016.

J. Lin, W. Yu, N. Zhang, X. Yang, H. Zhang, and W. Zhao, “A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications,” IEEE Internet Things J., vol. 4, no. 5, pp. 1125–1142, Oct. 2017.

Y. Xiao, C. Xing, T. Zhang, and Z. Zhao, “An Intrusion Detection Model Based on Feature Reduction and Convolutional Neural Networks,” IEEE Access, vol. 7, pp. 42210–42219, 2019.

E. Bertino and N. Islam, “Botnets and Internet of Things Security,” Computer (Long. Beach. Calif)., vol. 50, no. 2, pp. 76–79, Feb. 2017.

C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and other botnets,” Computer (Long. Beach. Calif)., vol. 50, no. 7, pp. 80–84, 2017.

A. J. Malik, W. Shahzad, and F. A. Khan, “Network intrusion detection using hybrid binary PSO and random forests algorithm,” Secur. Commun. Networks, vol. 8, no. 16, pp. 2646–2660, Nov. 2015.

J. Jabez and B. Muthukumar, “Intrusion detection system (ids): Anomaly detection using outlier detection approach,” in Procedia Computer Science, 2015, vol. 48, no. C, pp. 338–346.

N. Ouerdi, I. Elfarissi, A. Azizi, and M. Azizi, “Artificial neural network-based methodology for vulnerabilities detection in EMV cards,” in Proceedings of the 2015 11th International Conference on Information Assurance and Security, IAS 2015, 2016, pp. 85–90.

S. Vieira, W. H. L. Pinaya, and A. Mechelli, “Using deep learning to investigate the neuroimaging correlates of psychiatric and neurological disorders: Methods and applications,” Neuroscience and Biobehavioral Reviews, vol. 74. Elsevier Ltd, pp. 58–75, 01-Mar-2017.

Y. Lecun, Y. Bengio, and G. Hinton, “Deep learning,” Nature, vol. 521, no. 7553. Nature Publishing Group, pp. 436–444, 27-May-2015.

Y. LeCun, L. Bottou, Y. Bengio, and P. Haffner, “Gradient-based learning applied to document recognition,” Proc. IEEE, vol. 86, no. 11, pp. 2278–2323, 1998.

I. El Farissi, M. Azizi, and M. Moussaoui, “Detection of smart card attacks using neural networks,” in Proceedings of 2012 International Conference on Multimedia Computing and Systems, ICMCS 2012, 2012, pp. 949–954.

“Convolutional Neural Network - MATLAB & Simulink.” [Online]. Available: https://www.mathworks.com/solutions/deep-learning/convolutional-neural-network.html. [Accessed: 05-May-2020].

P. Skalski, “Gentle Dive into Math Behind Convolutional Neural Networks.” [Online]. Available: https://towardsdatascience.com/gentle-dive-into-math-behind-convolutional-neural-networks-79a07dd44cf9. [Accessed: 18-May-2020].

M. A. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, I. Ali, and M. Guizani, “A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security,” IEEE Commun. Surv. Tutorials, pp. 1–1, Apr. 2020.

R. Vinayakumar, K. P. Soman, and P. Poornachandrany, “Applying convolutional neural network for network intrusion detection,” in 2017 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2017, 2017, vol. 2017-January, pp. 1222–1228.

W. Tao, W. Zhang, C. Hu, and C. Hu, “A Network Intrusion Detection Model Based on Convolutional Neural Network,” in Advances in Intelligent Systems and Computing, 2020, vol. 895, pp. 771–783.

Y. Singh and A. S. Chauhan, “NEURAL NETWORKS IN DATA MINING.,” J. Theor. Appl. Inf. Technol., vol. 5, no. 1, pp. 36–42, 2009.

A. Afshine and A. Shervine, “CS 230 - Recurrent Neural Networks Cheatsheet,” Stanford.Edu, 2019. .

M. Ibrahim Sameen and B. Pradhan, “Severity Prediction of Traffic Accidents with Recurrent Neural Networks,” Appl. Sci., vol. 7, no. 6, p. 476, 2017.

D. Thakur, “LSTM and its equations - Medium.” [Online]. Available: https://medium.com/@divyanshu132/lstm-and-its-equations-5ee9246d04af. [Accessed: 18-May-2020].

R. Jozefowicz, W. Zaremba, I. S.-I. conference on, and undefined 2015, “An empirical exploration of recurrent network architectures,” jmlr.org.

J. Chung, C. Gulcehre, K. Cho, and Y. Bengio, “Empirical Evaluation of Gated Recurrent Neural Networks on Sequence Modeling,” arXiv Prepr. arXiv1412.3555, 2014.

M. Phi, “Illustrated Guide to LSTM’s and GRU’s: A step by step explanation.” [Online]. Available: https://towardsdatascience.com/illustrated-guide-to-lstms-and-gru-s-a-step-by-step-explanation-44e9eb85bf21. [Accessed: 19-May-2020].

N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, “Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,” Futur. Gener. Comput. Syst., vol. 100, pp. 779–796, Nov. 2019.

O. Ibitoye, O. Shafiq, and A. Matrawy, “Analyzing Adversarial Attacks Against Deep Learning for Intrusion Detection in IoT Networks,” May 2019.

M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, “Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study,” J. Inf. Secur. Appl., vol. 50, p. 102419, Feb. 2020.

M. Ge, X. Fu, N. Syed, Z. Baig, G. Teo, and A. Robles-Kelly, “Deep learning-based intrusion detection for IoT networks,” in Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC, 2019, vol. 2019-Decem, pp. 256–265.

O. AlKadi, N. Moustafa, B. Turnbull, and K.-K. R. Choo, “Mixture Localization-Based Outliers Models for securing Data Migration in Cloud Centers,” IEEE Access, vol. 7, pp. 114607–114618, Aug. 2019.

M. Erza Aminanto and K. Kim, “Deep Learning in Intrusion Detection System: An Overview,” 2016.

“The BoT-IoT Dataset.” [Online]. Available: https://www.unsw.adfa.edu.au/unsw-canberra-cyber/cybersecurity/ADFA-NB15-Datasets/bot_iot.php. [Accessed: 22-Feb-2020].




DOI: http://doi.org/10.11591/ijai.v9.i4.pp%25p
Total views : 49 times

Refbacks

  • There are currently no refbacks.


View IJAI Stats

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.