Skip to main content

Research Repository

Advanced Search

Towards situational awareness of botnet activity in the Internet of Things

McDermott, Christopher D.; Petrovski, Andrei V.; Majdani, Farzan

Authors

Christopher D. McDermott

Farzan Majdani



Abstract

An IoT botnet detection model is designed to detect anomalous attack traffic utilised by the mirai botnet malware. The model uses a novel application of Deep Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTMRNN), in conjunction with Word Embedding, to convert string data found in captured packets, into a format usable by the BLSTM-RNN. In doing so, this paper presents a solution to the problem of detecting and making consumers situationally aware when their IoT devices are infected, and forms part of a botnet. The proposed model addresses the issue of detection, and returns high accuracy and low loss metrics for four attack vectors used by the mirai botnet malware, with only one attack vector shown to be difficult to detect and predict. A labelled dataset was generated and used for all experiments, to test and validate the accuracy and data loss in the detection model. This dataset is available upon request.

Citation

MCDERMOTT, C.D., PETROVSKI, A.V. and MAJDANI, F. 2018. Towards situational awareness of botnet activity in the Internet of Things. In Proceedings of the 2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA 2018): cyber situation awareness as a tool for analysis and insight, 11-12 June 2018, Glasgow, UK. Piscataway: IEEE [online], article number 8551408. Available from: https://doi.org/10.1109/CyberSA.2018.8551408

Conference Name 2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA 2018): cyber situation awareness as a tool for analysis and insight
Conference Location Glasgow, UK
Start Date Jun 11, 2018
End Date Jun 12, 2018
Acceptance Date Apr 4, 2018
Online Publication Date Jun 11, 2018
Publication Date Nov 29, 2018
Deposit Date May 7, 2018
Publicly Available Date Jun 11, 2018
Publisher Institute of Electrical and Electronics Engineers
Article Number 8551408
ISBN 9781538645666
DOI https://doi.org/10.1109/CyberSA.2018.8551408
Keywords Situational awareness; Long short term memory networks; Deep learning; IoT; Botnet; Mirai; DDoS; Word embedding
Public URL http://hdl.handle.net/10059/2904

Files





You might also like



Downloadable Citations