Botnet Attack Detection at the IoT Edge Based on Sparse Representation

Abstract

Internet-of-Things (IoT) aims at interconnecting thousands or millions of smart objects/devices in a seamless way by sensing, processing and analyzing huge amount of data obtained from heterogeneous IoT devices. This rapid development of IoT-oriented infrastructures comes at the cost of increased security threats through IoT-based botnet attacks. In this work, we present an IoT botnet attack detection method based on a sparsity representation framework using a reconstruction error thresholding rule for identifying malicious network traffic at the IoT edge coming from compromised IoT devices. The botnet attack detection is performed based on small-sized benign IoT network traffic data, and thus we have no prior knowledge about malicious IoT traffic data. We present our results on a real IoT-based network dataset and show the efficacy of our proposed technique against a reconstruction error-based autoencoder approach.