Bot Detection in an IoT Environment using Machine Learning algorithms and Network Traffic Analysis
Abstract
The Internet of Things (IoT) is one of the fastest expanding technologies today. The number of
IoT-connected devices will reach 24.1 billion by 2030. These devices are used everywhere
throughout the globe. However, IoT devices are an attractive target for adversaries due
to their poor security standards. One well-known threat to IoT devices is botnet malware. A
botnet targets weak IoT devices and compromises them in order to initiate malicious
activities. Unfortunately, the infected devices do not show any indicators of compromise,
making it very challenging to detect their existence. Therefore, this research proposes a
novel approach for detecting IoT botnet attacks using machine learning algorithms. The
tool uses network-based traffic with three ML algorithms: Random Forest, Naive Bayes,
and Decision Tree. The tool can convert raw PCAP files to CSV with the same structure as
the dataset used, so that any IoT network traffic file can be checked quickly. Its approach is
unique in using eight models (one model assigned to each attack). This approach makes
detection both very accurate and fast. The proposed tool was tested and evaluated,
and the results show that the approach is very accurate in detecting botnet attacks in IoT
traffic.