IoT Botnet Detection Using Autoencoders and Decision Trees

Jurnal Sisfokom Pub Date : 2023-11-03 DOI:10.32736/sisfokom.v12i3.1693

Susanto Susanto, M. Agus Syamsul Arifin, Harma Oktafia Lingga Wijaya

{"title":"IoT Botnet Detection Using Autoencoders and Decision Trees","authors":"Susanto Susanto, M. Agus Syamsul Arifin, Harma Oktafia Lingga Wijaya","doi":"10.32736/sisfokom.v12i3.1693","DOIUrl":null,"url":null,"abstract":"The use of IoT devices has grown rapidly, leading to an increase in cyber attacks that pose greater security and privacy threats than ever before. One such threat is botnet attacks on IoT devices. An IoT botnet is a group of Internet-connected IoT devices infected with malware and remotely controlled by an attacker. Machine learning techniques can be employed to detect botnet attacks. The use of machine learning-based detection methods has been shown to be effective in identifying cyber attacks. The performance of the detection system in machine learning can be improved by utilizing data reduction methods. The data reduction process in classification is used to overcome the problem of scalability and computation resources in the IoT. This paper proposes a detection system using the Autoencoder reduction method and the Decision tree classification method. The test results demonstrate that the Deep Autoencoder algorithm can reduce data and memory usage from 1.62 GB to 75.9 MB, while also improving the performance of decision tree classification, resulting in a high level of accuracy up to 100%. The Autoencoder approach in conjunction with the Decision Tree exhibits superior capabilities compared to previous studies.","PeriodicalId":34309,"journal":{"name":"Jurnal Sisfokom","volume":"21 22","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Jurnal Sisfokom","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32736/sisfokom.v12i3.1693","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The use of IoT devices has grown rapidly, leading to an increase in cyber attacks that pose greater security and privacy threats than ever before. One such threat is botnet attacks on IoT devices. An IoT botnet is a group of Internet-connected IoT devices infected with malware and remotely controlled by an attacker. Machine learning techniques can be employed to detect botnet attacks. The use of machine learning-based detection methods has been shown to be effective in identifying cyber attacks. The performance of the detection system in machine learning can be improved by utilizing data reduction methods. The data reduction process in classification is used to overcome the problem of scalability and computation resources in the IoT. This paper proposes a detection system using the Autoencoder reduction method and the Decision tree classification method. The test results demonstrate that the Deep Autoencoder algorithm can reduce data and memory usage from 1.62 GB to 75.9 MB, while also improving the performance of decision tree classification, resulting in a high level of accuracy up to 100%. The Autoencoder approach in conjunction with the Decision Tree exhibits superior capabilities compared to previous studies.

查看原文本刊更多论文

使用自动编码器和决策树的物联网僵尸网络检测

物联网设备的使用迅速增长，导致网络攻击增加，构成比以往任何时候都更大的安全和隐私威胁。其中一个威胁是对物联网设备的僵尸网络攻击。物联网僵尸网络是一组被恶意软件感染并由攻击者远程控制的联网物联网设备。机器学习技术可以用来检测僵尸网络攻击。使用基于机器学习的检测方法已被证明在识别网络攻击方面是有效的。利用数据约简方法可以提高机器学习中检测系统的性能。分类中的数据约简过程用于克服物联网中可扩展性和计算资源的问题。本文提出了一种采用自编码器约简方法和决策树分类方法的检测系统。测试结果表明，Deep Autoencoder算法可以将数据和内存使用量从1.62 GB减少到75.9 MB，同时也提高了决策树分类的性能，准确率达到100%。与以前的研究相比，与决策树相结合的自动编码器方法显示出优越的能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Jurnal Sisfokom

自引率

0.00%

发文量

审稿时长

8 weeks