Abstract
Internet usage is increasing day by day all over the world, and technology is developing to make everyday appliances as smart as possible. Millions of devices are connected using IoT technology, and the vulnerabilities of these devices are still exploitable by attackers. A Bot Master who gains access to IoT devices can use them to attack a targeted server. Detecting malicious traffic in IoT networks requires an intelligent mechanism. Although there have been many studies on the detection of botnet malware, accuracy and efficiency remain a gap. This study focuses on an automatic system that can detect botnet malware with high accuracy. It proposes a new ensemble model, the Extra Tree Random Voting Ensemble Classifier (ER-VEC), which combines two tree-based models, Extra Tree and Random Forest. The proposed model is tested on several datasets of malicious traffic in IoT networks, such as IoTID20, MedBIoT, UNSW-NB15, and N-BaIoT, with ER-VEC achieving accuracy scores of 99.99%, 99.91%, 95.64%, and 100%, respectively. Other machine learning models were also employed for comparison, and ER-VEC significantly outperformed them in terms of accuracy, precision, recall, F1-score, and error rate across all datasets. In addition, we performed K-Fold cross-validation and found that ER-VEC achieved an accuracy score of 98% and a standard deviation of ±0.04.
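The kind of model the abstract describes, a voting ensemble of Extra Trees and Random Forest scored with K-Fold cross-validation, can be sketched with scikit-learn. This is an added example, not the authors' code: soft voting, the tree counts, the fold count, and the constructed synthetic data standing in for flow features are all assumptions.

```python
from sklearn.datasets import make_classification
from sklearn.ensemble import (ExtraTreesClassifier, RandomForestClassifier,
                              VotingClassifier)
from sklearn.model_selection import StratifiedKFold, cross_validate

METRICS = ("accuracy", "precision", "recall", "f1")


def make_constructed_flows(n=1500, seed=0):
    """Constructed stand-in for per-flow features; about 20% labelled malicious."""
    return make_classification(n_samples=n, n_features=20, n_informative=8,
                               weights=[0.8, 0.2], class_sep=1.5,
                               random_state=seed)


def build_voting_ensemble(seed=0, trees=50):
    """Extra Trees + Random Forest behind one voter (soft voting is assumed)."""
    et = ExtraTreesClassifier(n_estimators=trees, random_state=seed)
    rf = RandomForestClassifier(n_estimators=trees, random_state=seed)
    return VotingClassifier(estimators=[("et", et), ("rf", rf)], voting="soft")


def evaluate(model, X, y, k=5, seed=0):
    """Stratified K-Fold CV; returns {metric: (mean, std)} over the folds."""
    cv = StratifiedKFold(n_splits=k, shuffle=True, random_state=seed)
    scores = cross_validate(model, X, y, cv=cv, scoring=METRICS)
    return {m: (float(scores[f"test_{m}"].mean()),
                float(scores[f"test_{m}"].std())) for m in METRICS}


def compare(seed=0):
    """Score each member and the ensemble on the same folds."""
    X, y = make_constructed_flows(seed=seed)
    ensemble = build_voting_ensemble(seed)
    models = dict(ensemble.estimators)   # the unfitted ET and RF members
    models["voting"] = ensemble
    return {name: evaluate(m, X, y, seed=seed) for name, m in models.items()}


if __name__ == "__main__":
    for name, result in compare().items():
        acc, std = result["accuracy"]
        rec, _ = result["recall"]
        # Error rate is 1 - accuracy; recall is the share of malicious flows caught.
        print(f"{name:6s} acc={acc:.4f} (std {std:.4f}) "
              f"err={1 - acc:.4f} recall={rec:.4f}")
```

On imbalanced traffic, accuracy alone can look high while malicious flows are missed, so read recall and F1 next to it.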










Data availability
The dataset used is available at: https://cs.taltech.ee/research/data/medbiot/
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Sarwar, A., Mushtaq, M.F., Akram, U. et al. IoT networks attacks detection using multi-novel features and extra tree random - voting ensemble classifier (ER-VEC). J Ambient Intell Human Comput 14, 16637–16651 (2023). https://doi.org/10.1007/s12652-023-04666-x
DOI: https://doi.org/10.1007/s12652-023-04666-x