Botnet Attack Detection in Internet of Things Using Selected Learning Algorithms

Abstract

The Internet of Things (IoT) refers to a network of everyday devices, such as smartphones and industrial sensors, all connected to the Internet, allowing them to communicate and share data. IoT networks comprise various devices with different functions, communication protocols, and computational capabilities. This heterogeneity complicates the development of a one-size-fits-all solution for botnet detection. Developing effective botnet detection systems for IoT environments is challenging due to the diversity of devices, each with unique characteristics and behaviors. This study focuses on creating a robust model to identify botnet attacks across various IoT devices. Using the NB-IoT-23 datasets, which include data from five distinct devices, supervised machine learning techniques, namely Logistic Regression, Linear Regression, Artificial Neural Network (ANN), K-nearest neighbours (KNN), and Bagging, were employed to identify the most accurate and efficient method. The research highlights the Bagging ensemble technique as particularly effective. The Bagging model demonstrated remarkable performance, achieving an accuracy of 99.96%, precision of 99.93%, recall of 99.98%, an F1 score of 99.96%, and a Receiver Operating Characteristic Area Under the Curve (ROC-AUC) score of 99.96%, all within a training time of 27.59 seconds. These results suggest that the Bagging model is highly effective and very efficient, making it a strong candidate for real-world IoT botnet detection. The model's high accuracy and low computational overhead make it a viable solution for real-world applications of Botnet detection, contributing significantly to the ongoing efforts of stakeholders in securing IoT networks against botnet threats.