Dr Christopher McDermott c.d.mcdermott@rgu.ac.uk
Lecturer
Towards situational awareness of botnet activity in the Internet of Things
McDermott, Christopher D.; Petrovski, Andrei V.; Majdani, Farzan
Authors
Andrei V. Petrovski
Farzan Majdani
Abstract
An IoT botnet detection model is designed to detect anomalous attack traffic utilised by the mirai botnet malware. The model uses a novel application of Deep Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTMRNN), in conjunction with Word Embedding, to convert string data found in captured packets, into a format usable by the BLSTM-RNN. In doing so, this paper presents a solution to the problem of detecting and making consumers situationally aware when their IoT devices are infected, and forms part of a botnet. The proposed model addresses the issue of detection, and returns high accuracy and low loss metrics for four attack vectors used by the mirai botnet malware, with only one attack vector shown to be difficult to detect and predict. A labelled dataset was generated and used for all experiments, to test and validate the accuracy and data loss in the detection model. This dataset is available upon request.
Citation
MCDERMOTT, C.D., PETROVSKI, A.V. and MAJDANI, F. 2018. Towards situational awareness of botnet activity in the Internet of Things. In Proceedings of the 2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA 2018): cyber situation awareness as a tool for analysis and insight, 11-12 June 2018, Glasgow, UK. Piscataway: IEEE [online], article number 8551408. Available from: https://doi.org/10.1109/CyberSA.2018.8551408
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA 2018): cyber situation awareness as a tool for analysis and insight |
| Start Date | Jun 11, 2018 |
| End Date | Jun 12, 2018 |
| Acceptance Date | Apr 4, 2018 |
| Online Publication Date | Jun 11, 2018 |
| Publication Date | Nov 29, 2018 |
| Deposit Date | May 7, 2018 |
| Publicly Available Date | Jun 11, 2018 |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Peer Reviewed | Peer Reviewed |
| Article Number | 8551408 |
| ISBN | 9781538645666 |
| DOI | https://doi.org/10.1109/CyberSA.2018.8551408 |
| Keywords | Situational awareness; Long short term memory networks; Deep learning; IoT; Botnet; Mirai; DDoS; Word embedding |
| Public URL | http://hdl.handle.net/10059/2904 |
| Contract Date | May 7, 2018 |
Files
MCDERMOTT 2018 Towards situational awareness
(404 Kb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by-nc/4.0/
You might also like
A system dynamics approach to evaluate advanced persistent threat vectors.
(2023)
Journal Article
A crime scene reconstruction for digital forensic analysis: an SUV case study.
(2023)
Journal Article
Botnet detection in the Internet of Things using deep learning approaches.
(2018)
Presentation / Conference Contribution