Institute for Communication Technologies and Embedded Systems

Hybrid Deep Learning for Botnet Attack Detection in the Internet-of-Things Networks

Authors:
Popoola, S. ,  Abedisi, B. ,  Hammoudeh, M. ,  Gui, G. ,  Gacanin, H.
Journal:
IEEE Internet of Things Journal
Volume:
8
Publisher:
IEEE
Date:
Mar. 2021
DOI:
10.1109/JIOT.2020.3034156
hsb:
RWTH-2021-00290
Language:
English
Abstract:
Deep learning (DL) is an efficient method for botnet attack detection. However, the volume of network traffic data and memory space required is usually large. It is, therefore, almost impossible to implement the DL method in memory-constrained Internet-of-Things (IoT) devices. In this article, we reduce the feature dimensionality of large-scale IoT network traffic data using the encoding phase of long short-term memory autoencoder (LAE). In order to classify network traffic samples correctly, we analyze the long-term inter-related changes in the low-dimensional feature set produced by LAE using deep bidirectional long short-term memory (BLSTM). Extensive experiments are performed with the BoT-IoT data set to validate the effectiveness of the proposed hybrid DL method. Results show that LAE significantly reduced the memory space required for large-scale network traffic data storage by 91.89%, and it outperformed state-of-the-art feature dimensionality reduction methods by 18.92-27.03%. Despite the significant reduction in feature size, the deep BLSTM model demonstrates robustness against model underfitting and overfitting. It also achieves good generalisation ability in binary and multiclass classification scenarios.
Download:
BibTeX