Comparing Malware Attack Detection using Machine Learning Techniques in IoT Network Traffic

IF 1.3 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

International Journal of Innovative Computing Information and Control Pub Date : 2023-05-30 DOI:10.11113/ijic.v13n1.384

Yee Zi Wei, Marina Md-Arshad, Adlina Abdul Samad, Norafida Ithnin

{"title":"Comparing Malware Attack Detection using Machine Learning Techniques in IoT Network Traffic","authors":"Yee Zi Wei, Marina Md-Arshad, Adlina Abdul Samad, Norafida Ithnin","doi":"10.11113/ijic.v13n1.384","DOIUrl":null,"url":null,"abstract":"Most IoT devices are designed and built for cheap and basic functions, therefore, the security aspects of these devices are not taken seriously. Yet, IoT devices tend to play an important role in this era, where the amount of IoT devices is predicted to exceed the number of traditional computing devices such as desktops and laptops. This causes more and more cybersecurity attacks to target IoT devices and malware attack is known to be the most common attack in IoT networks. However, most research only focuses on malware detection in traditional computing devices. The purpose of this research is to compare the performance of Random Forest and Naïve Bayes algorithm in terms of accuracy, precision, recall and F1-score in classifying the malware attack and benign traffic in IoT network traffic. Research is conducted with the Aposemat IoT-23 dataset, a labelled dataset that contains IoT malware infection traffic and IoT benign traffic. To determine the data in IoT network traffic packets that are useful for threat detection, a study is conducted and the threat data is cleaned up and prepared using RStudio and RapidMiner Studio. Random Forest and Naïve Bayes algorithm is used to train and classify the cleaned dataset. Random Forest can prevent the model from overfitting while Naïve Bayes requires less training time. Lastly, the accuracy, precision, recall and F1-score of the machine learning algorithms are compared and discussed. The research result displays the Random Forest as the best machine learning algorithm in classifying the malware attack traffic.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":null,"pages":null},"PeriodicalIF":1.3000,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/ijic.v13n1.384","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 1

Abstract

Most IoT devices are designed and built for cheap and basic functions, therefore, the security aspects of these devices are not taken seriously. Yet, IoT devices tend to play an important role in this era, where the amount of IoT devices is predicted to exceed the number of traditional computing devices such as desktops and laptops. This causes more and more cybersecurity attacks to target IoT devices and malware attack is known to be the most common attack in IoT networks. However, most research only focuses on malware detection in traditional computing devices. The purpose of this research is to compare the performance of Random Forest and Naïve Bayes algorithm in terms of accuracy, precision, recall and F1-score in classifying the malware attack and benign traffic in IoT network traffic. Research is conducted with the Aposemat IoT-23 dataset, a labelled dataset that contains IoT malware infection traffic and IoT benign traffic. To determine the data in IoT network traffic packets that are useful for threat detection, a study is conducted and the threat data is cleaned up and prepared using RStudio and RapidMiner Studio. Random Forest and Naïve Bayes algorithm is used to train and classify the cleaned dataset. Random Forest can prevent the model from overfitting while Naïve Bayes requires less training time. Lastly, the accuracy, precision, recall and F1-score of the machine learning algorithms are compared and discussed. The research result displays the Random Forest as the best machine learning algorithm in classifying the malware attack traffic.

查看原文本刊更多论文

比较物联网网络流量中使用机器学习技术的恶意软件攻击检测

大多数物联网设备都是为廉价和基本功能而设计和制造的，因此，这些设备的安全方面没有得到认真对待。然而，物联网设备在这个时代将发挥重要作用，物联网设备的数量预计将超过台式机和笔记本电脑等传统计算设备的数量。这导致越来越多的网络安全攻击针对物联网设备，恶意软件攻击是物联网网络中最常见的攻击。然而，大多数研究只关注传统计算设备中的恶意软件检测。本研究的目的是比较Random Forest和Naïve Bayes算法在IoT网络流量中对恶意攻击和良性流量进行分类的准确率、精密度、召回率和f1评分。研究使用Aposemat IoT-23数据集进行，这是一个包含物联网恶意软件感染流量和物联网良性流量的标记数据集。为了确定物联网网络流量数据包中对威胁检测有用的数据，进行了一项研究，并使用RStudio和RapidMiner Studio对威胁数据进行了清理和准备。使用随机森林和Naïve贝叶斯算法对清洗后的数据集进行训练和分类。随机森林可以防止模型过拟合，而Naïve贝叶斯需要更少的训练时间。最后，对机器学习算法的正确率、精密度、召回率和f1分数进行了比较和讨论。研究结果表明，随机森林算法是对恶意攻击流量进行分类的最佳机器学习算法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Innovative Computing Information and Control 工程技术-计算机：人工智能

CiteScore

3.20

自引率

20.00%

发文量

审稿时长

4.3 months

期刊介绍： The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly