Authors: Qanita Bani Baker, Alaa Samarneh
Journal: Computers & Security (Impact Factor 4.8; JCR Q1, Computer Science, Information Systems)
Category: Computer Science (region 2)
Publication date: 2024-08-22
Publication type: Journal Article
DOI: 10.1016/j.cose.2024.104060
URL: https://www.sciencedirect.com/science/article/pii/S0167404824003651
Open access: no
Citation count: 0
Platform: Semanticscholar
Feature selection for IoT botnet detection using equilibrium and Battle Royale Optimization
The Internet of Things (IoT) is rapidly expanding, bringing unprecedented opportunities and significant security risks. Among the most appealing attacks on IoT are botnets, typically utilized for Distributed Denial of Service (DDoS) attacks, identity theft, malware distribution, fraud, and spamming. Early detection and mitigation are crucial considering the nature of IoT devices and botnets. Many of these methods deploy machine learning, such as supervised, unsupervised, and deep learning. As IoT devices generate a massive amount of data of high dimensions, not all data contain valuable information. Feeding data without preprocessing might degrade the quality of the detection model. Thus, optimization methods are needed to determine the subsets of the most relevant features to the detection process. This study utilized the effectiveness of Equilibrium Optimization (EO), Battle Royale Optimization (BRO), and Adaptive Equilibrium Optimization (AEO) for feature selection in detecting IoT botnets using the N-BaIoT dataset. The performance of the selected features is evaluated using three classifiers: K Nearest Neighbor (KNN), Random Forest (RF), and Gaussian Naive Bayes (GNB) considering metrics such as number of features, accuracy, sensitivity, specificity, True Positive Rate (TPR), False Positive Rate (FPR), and time required for feature selection. Our findings indicate the competitive performance of EO and AEO in terms of runtime, number of features selected, and accuracy, compared to recent works on the same dataset.
About the journal:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise, it is your first step to fully secure systems.