{"title":"基于通信图的物联网僵尸网络攻击检测","authors":"David Concejal Muñoz, Antonio del-Corte Valiente","doi":"10.1186/s42400-023-00169-6","DOIUrl":null,"url":null,"abstract":"<h3 data-test=\"abstract-sub-heading\">Abstract</h3><p>Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training.\n</p><h3 data-test=\"abstract-sub-heading\">Graphical abstract</h3>\n","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.9000,"publicationDate":"2023-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A novel botnet attack detection for IoT networks based on communication graphs\",\"authors\":\"David Concejal Muñoz, Antonio del-Corte Valiente\",\"doi\":\"10.1186/s42400-023-00169-6\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<h3 data-test=\\\"abstract-sub-heading\\\">Abstract</h3><p>Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training.\\n</p><h3 data-test=\\\"abstract-sub-heading\\\">Graphical abstract</h3>\\n\",\"PeriodicalId\":36402,\"journal\":{\"name\":\"Cybersecurity\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2023-12-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybersecurity\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1186/s42400-023-00169-6\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s42400-023-00169-6","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
A novel botnet attack detection for IoT networks based on communication graphs
Abstract
Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
