Christopher D. McDermott
Towards situational awareness of botnet activity in the Internet of Things
McDermott, Christopher D.; Petrovski, Andrei V.; Majdani, Farzan
Doctor Andrei Petrovski firstname.lastname@example.org
An IoT botnet detection model is designed to detect anomalous attack traffic utilised by the mirai botnet malware. The model uses a novel application of Deep Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTMRNN), in conjunction with Word Embedding, to convert string data found in captured packets, into a format usable by the BLSTM-RNN. In doing so, this paper presents a solution to the problem of detecting and making consumers situationally aware when their IoT devices are infected, and forms part of a botnet. The proposed model addresses the issue of detection, and returns high accuracy and low loss metrics for four attack vectors used by the mirai botnet malware, with only one attack vector shown to be difficult to detect and predict. A labelled dataset was generated and used for all experiments, to test and validate the accuracy and data loss in the detection model. This dataset is available upon request.
MCDERMOTT, C.D., PETROVSKI, A.V. and MAJDANI, F. 2018. Towards situational awareness of botnet activity in the Internet of Things. In Proceedings of the 2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA 2018): cyber situation awareness as a tool for analysis and insight, 11-12 June 2018, Glasgow, UK. Piscataway: IEEE [online], article number 8551408. Available from: https://doi.org/10.1109/CyberSA.2018.8551408
|Conference Name||2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA 2018): cyber situation awareness as a tool for analysis and insight|
|Conference Location||Glasgow, UK|
|Start Date||Jun 11, 2018|
|End Date||Jun 12, 2018|
|Acceptance Date||Apr 4, 2018|
|Online Publication Date||Jun 11, 2018|
|Publication Date||Nov 29, 2018|
|Deposit Date||May 7, 2018|
|Publicly Available Date||Jun 11, 2018|
|Publisher||Institute of Electrical and Electronics Engineers|
|Keywords||Situational awareness; Long short term memory networks; Deep learning; IoT; Botnet; Mirai; DDoS; Word embedding|
MCDERMOTT 2018 Towards situational awareness
Publisher Licence URL
You might also like
Towards a conversational agent for threat detection in the internet of things.
Dimensions of ‘socio’ vulnerabilities of advanced persistent threats.
Botnet detection in the Internet of Things using deep learning approaches.