Skip to main content
Springer Nature Link
Log in

Deep Learning Approach for Detecting Botnet Attacks in IoT Environment of Multiple and Heterogeneous Sensors

  • Conference paper
  • First Online:
Advances in Cyber Security (ACeS 2021)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1487))

Included in the following conference series:

Abstract

The impacts of Distributed-Denial-of-Service (DDoS) are doubtlessly major and continue to grow along with the growth of Internet-of-Things (IoT) devices. So many solutions have been contributed to detecting and mitigating this attack, specifically in IoT devices, yet the threat still exists and is bigger than ever. Denial of service attacks are often carried out by flooding a targeted computer or resource with phony requests in an attempt to overwhelm systems and prevent a few or all genuine requests from being completed; this is known as botnet attacks. There have been so many attempts to solve such puzzle-like middle-box and Artificial Intelligence (AI) solutions through machine learning (ML). The new botnets are so complex where for example, the Mirai botnet can mutate on a daily basis. This paper proposes a deep learning (DL) approach that consists of three DL algorithms, namely, recurrent neural network (RNN), convolutional neural network (CNN), and Long short-term memory (LSTM)-RNN to counter DDoS attacks targeting IoT networks. These algorithms are tested by implementing a real-world N-BaIoT dataset that has been collected by infecting nine IoT devices with two of the most dangerous DDoS botnets (Mirai and Bashlite). Subsequently, the three algorithms are compared in terms of accuracy, precision, recall, and f-measure. The results show that the RNN has achieved the highest accuracy of 89.75% among the three algorithms, followed by the LSTM-RNN and the CNN.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Abhishta, A., van Rijswijk-Deij, R., Nieuwenhuis, L.J.: Measuring the impact of a successful DDoS attack on the customer behaviour of managed DNS service providers. ACM SIGCOMM Comput. Commun. Rev. 48(5), 70–76 (2019)

    Article  Google Scholar 

  2. Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput. Commun. Rev. 34(2), 39–53 (2004)

    Article  Google Scholar 

  3. Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 29–35. IEEE (2018)

    Google Scholar 

  4. Meidan, Y., et al.: N-BaIoT—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018)

    Article  Google Scholar 

  5. Khalaf, B.A., et al.: An adaptive protection of flooding attacks model for complex network environments. Secur. Commun. Netw. 2021, 1–17 (2021)

    Google Scholar 

  6. Maseer, Z.K., Yusof, R., Bahaman, N., Mostafa, S.A., Foozy, C.F.M.: Benchmarking of machine learning for anomaly based intrusion detection systems in the CICIDS2017 dataset. IEEE Access 9, 22351–22370 (2021)

    Article  Google Scholar 

  7. Azizan, A.H., et al.: A machine learning approach for improving the performance of network intrusion detection systems. Ann. Emerging Technol. Comput. (AETiC) 5(5), (2021)

    Google Scholar 

  8. Zulhilmi, A., Mostafa, S.A., Khalaf, B.A., Mustapha, A., Tenah, S.S.: A comparison of three machine learning algorithms in the classification of network intrusion. In: Anbar, M., Abdullah, N., Manickam, S. (eds.) ACeS 2020. CCIS, vol. 1347, pp. 313–324. Springer, Singapore (2021). https://doi.org/10.1007/978-981-33-6835-4_21

    Chapter  Google Scholar 

  9. Khalaf, B.A., Mostafa, S.A., Mustapha, A., Mohammed, M.A., Abduallah, W.M.: Comprehensive review of artificial intelligence and statistical approaches in distributed denial of service attack and defense methods. IEEE Access 7, 51691–51713 (2019)

    Google Scholar 

  10. Al-Othman, Z., Alkasassbeh, M., Baddar, S.A.-H.: A state-of-the-art review on IoT botnet attack detection. arXiv preprint arXiv:2010.13852 (2020)

  11. Ahmed, M.E., Kim, H.: DDoS attack mitigation in internet of things using software defined networking. In: Proceedings of 3rd IEEE International Conference on Big Data Computing Service and Applications, BigDataService, pp. 271–276 (2017)

    Google Scholar 

  12. Metz, R.: Finding insecurity in the internet of things. Technol. Rev 119(2), 76–77 (2016)

    Google Scholar 

  13. Suo, H., Wan, J., Zou, C., Liu, J.: Security in the internet of things: a review. In: Proceedings of 2012 International Conference on Computer Science and Electronics Engineering, ICCSEE 2012, vol. 3, pp. 648–651 (2012)

    Google Scholar 

  14. Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: Proceedings 2018 IEEE Symposium on Security and Privacy Workshops, SPW, pp. 29–35 (2018)

    Google Scholar 

  15. Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)

    Article  Google Scholar 

  16. Jia, Y., Zhong, F., Alrawais, A., Gong, B., Cheng, X.: Flowguard: an intelligent edge defense mechanism against IoT DDoS attacks. IEEE Internet Things J. 7(10), 9552–9562 (2020)

    Article  Google Scholar 

  17. Soe, Y.N., Feng, Y., Santosa, P.I., Hartanto, R., Sakurai, K.: Machine learning-based IoT-botnet attack detection with sequential architecture. Sensors 20(16), 4372 (2020)

    Article  Google Scholar 

  18. Parra, G.D.L.T., Rad, P., Choo, K.K.R., Beebe, N.: Detecting Internet of Things attacks using distributed deep learning. J. Netw. Comput. Appl. 163, 102662 (2020)

    Google Scholar 

  19. Ab Aziz, M.F., Mostafa, S.A., Foozy, C.F.M., Mohammed, M.A., Elhoseny, M., Abualkishik, A.: Integrating elman recurrent neural network with particle swarm optimization algorithms for an improved hybrid training of multidisciplinary datasets. Expert Syst. Appl. 183, 115441 (2021)

    Google Scholar 

  20. Kashinath, S.A., et al.: Review of data fusion methods for real-time and multi-sensor traffic flow analysis. IEEE Access 9, 51258–51276 (2021)

    Article  Google Scholar 

  21. Wu, J.: Introduction to convolutional neural networks. Natl. Key Lab Novel Softw. Technol. 5(23), 495 (2017)

    Google Scholar 

  22. Maseer, Z.K., Yusof, R., Mostafa, S.A., Bahaman, N., Musa, O., Al-rimy, B.A.S.: DeepIoT.IDS: hybrid deep learning for enhancing IoT network intrusion detection. CMC-Comput. Mater. Continua 69(3), 3945–3966 (2021)

    Google Scholar 

Download references

Acknowledgment

This paper is supported by the Center of Intelligent and Autonomous Systems (CIAS), Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia (UTHM).

Author information

Authors and Affiliations

  1. Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, 86400, Parit Raja, Johor, Malaysia

    Abdulkareem A. Hezam, Salama A. Mostafa, Azizul Azhar Ramli & Hairulnizam Mahdin

  2. Department of Medical Instruments Engineering Techniques, Bilad Alrafidain University College, Ba’aqubah, 32001, Diyala, Iraq

    Bashar Ahmed Khalaf

Authors
  1. Abdulkareem A. Hezam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Salama A. Mostafa
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Azizul Azhar Ramli
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hairulnizam Mahdin
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Bashar Ahmed Khalaf
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Salama A. Mostafa .

Editor information

Editors and Affiliations

  1. Hodeidah University, Hodeidah, Yemen

    Nibras Abdullah

  2. Universiti Sains Malaysia, Penang, Malaysia

    Selvakumar Manickam

  3. Universiti Sains Malaysia, Penang, Malaysia

    Mohammed Anbar

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hezam, A.A., Mostafa, S.A., Ramli, A.A., Mahdin, H., Khalaf, B.A. (2021). Deep Learning Approach for Detecting Botnet Attacks in IoT Environment of Multiple and Heterogeneous Sensors. In: Abdullah, N., Manickam, S., Anbar, M. (eds) Advances in Cyber Security. ACeS 2021. Communications in Computer and Information Science, vol 1487. Springer, Singapore. https://doi.org/10.1007/978-981-16-8059-5_19

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-8059-5_19

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-8058-8

  • Online ISBN: 978-981-16-8059-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics