利用基于图的进化算法实现物联网僵尸网络检测的有效方法

Q3 Computer Science

Informatica (Slovenia) Pub Date : 2023-05-31 DOI:10.31449/inf.v47i6.3714

Quoc-Dung Ngo, Huy-Trung Nguyen

{"title":"利用基于图的进化算法实现物联网僵尸网络检测的有效方法","authors":"Quoc-Dung Ngo, Huy-Trung Nguyen","doi":"10.31449/inf.v47i6.3714","DOIUrl":null,"url":null,"abstract":"In recent years, a large number of Internet of Things devices are used in life, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence detection of IoT botnet is one of the most important challenge for IoT devices. This paper proposes an IoT botnet detection approach based on PSI graph data combine with evolutionary algorithm-based technique. In recent years, a large number of Internet of Things devices are used in life, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence detection of IoT botnets is one of the most important challenges for IoT devices. In the paper, a IoT botnet detection approach based on PSI graph analysis by using the evolutionary algorithmbased technique. It applies bacterial evolution algorithm (BEA) in the training process on PSI graph multi-architecture IoT Botnet data to detect IoT Botnet. The PSI graphs were extracted from executable files and transform into vectors to feed into the classical machine learning classifiers. The result of the classifiers is then combine using soft voting method with BEA. The proposed method has achieved good experimental results (i.e., Accuracy at 95.30%, F1 at 96.15%). The approach also achieves a relatively low false-positive rate at 4.59%.","PeriodicalId":35802,"journal":{"name":"Informatica (Slovenia)","volume":"143 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Towards an efficient approach using graph-based evolutionary algorithm for IoT botnet detection\",\"authors\":\"Quoc-Dung Ngo, Huy-Trung Nguyen\",\"doi\":\"10.31449/inf.v47i6.3714\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, a large number of Internet of Things devices are used in life, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence detection of IoT botnet is one of the most important challenge for IoT devices. This paper proposes an IoT botnet detection approach based on PSI graph data combine with evolutionary algorithm-based technique. In recent years, a large number of Internet of Things devices are used in life, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence detection of IoT botnets is one of the most important challenges for IoT devices. In the paper, a IoT botnet detection approach based on PSI graph analysis by using the evolutionary algorithmbased technique. It applies bacterial evolution algorithm (BEA) in the training process on PSI graph multi-architecture IoT Botnet data to detect IoT Botnet. The PSI graphs were extracted from executable files and transform into vectors to feed into the classical machine learning classifiers. The result of the classifiers is then combine using soft voting method with BEA. The proposed method has achieved good experimental results (i.e., Accuracy at 95.30%, F1 at 96.15%). The approach also achieves a relatively low false-positive rate at 4.59%.\",\"PeriodicalId\":35802,\"journal\":{\"name\":\"Informatica (Slovenia)\",\"volume\":\"143 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Informatica (Slovenia)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.31449/inf.v47i6.3714\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Informatica (Slovenia)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31449/inf.v47i6.3714","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

摘要

近年来，生活中大量使用物联网设备，从安全角度来看，很多物联网设备都很容易受到攻击。僵尸网络恶意软件是物联网设备的主要威胁之一。因此，物联网僵尸网络的检测是物联网设备面临的最重要挑战之一。本文提出了一种基于PSI图形数据与基于进化算法的技术相结合的物联网僵尸网络检测方法。近年来，生活中大量使用物联网设备，从安全角度来看，很多物联网设备都很容易受到攻击。僵尸网络恶意软件是物联网设备的主要威胁之一。因此，物联网僵尸网络的检测是物联网设备面临的最重要挑战之一。本文采用基于进化算法的技术，提出了一种基于PSI图分析的物联网僵尸网络检测方法。在PSI图多架构物联网僵尸网络数据的训练过程中，应用细菌进化算法(BEA)检测物联网僵尸网络。从可执行文件中提取PSI图，并将其转换为向量，输入经典机器学习分类器。然后使用软投票方法将分类器的结果与BEA相结合。该方法取得了良好的实验结果(准确率为95.30%，F1为96.15%)。该方法的假阳性率也相对较低，为4.59%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Towards an efficient approach using graph-based evolutionary algorithm for IoT botnet detection

In recent years, a large number of Internet of Things devices are used in life, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence detection of IoT botnet is one of the most important challenge for IoT devices. This paper proposes an IoT botnet detection approach based on PSI graph data combine with evolutionary algorithm-based technique. In recent years, a large number of Internet of Things devices are used in life, many of which are vulnerable to attacks from a security perspective. Botnet malware is one of the main threats to IoT devices. Hence detection of IoT botnets is one of the most important challenges for IoT devices. In the paper, a IoT botnet detection approach based on PSI graph analysis by using the evolutionary algorithmbased technique. It applies bacterial evolution algorithm (BEA) in the training process on PSI graph multi-architecture IoT Botnet data to detect IoT Botnet. The PSI graphs were extracted from executable files and transform into vectors to feed into the classical machine learning classifiers. The result of the classifiers is then combine using soft voting method with BEA. The proposed method has achieved good experimental results (i.e., Accuracy at 95.30%, F1 at 96.15%). The approach also achieves a relatively low false-positive rate at 4.59%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Informatica (Slovenia) Computer Science-Computer Science Applications

CiteScore

1.90

自引率

0.00%

发文量

期刊介绍： Informatica is an international refereed journal with its base in Europe. It has entered its 33th year of publication. It publishes papers addressing all issues of interests to computer professionals: from scientific and technical to educational, commercial and industrial. It also publishes critical examinations of existing publications, news about major practical achievements and innovations in the computer and information industry, as well as conference announcements and reports.