Genetic Algorithm-Conditional Mutual Information Maximization based feature selection for Bot Attack Classification in IoT devices
DOI: https://doi.org/10.13052/jmm1550-4646.1816
Keywords: Internet of Things, Botnet, intrusion detections, machine learning.
Abstract
Computing is evolving rapidly and will integrate many physical objects with the internet to form a new kind of interconnection, the Internet of Things (IoT). It is estimated that the number of devices interconnected to the internet will be more than trillions by 2025. Because these devices lack interoperability when they are interconnected in a vast heterogeneous network, it is difficult to define and apply security mechanisms. IoT networks have been exposed to many attacks that disturb the network. Therefore, an intrusion detection system that provides additional security tools specific to IoT is needed to detect attacks in the network. In this paper, we propose a novel hybrid GA-CMIM machine learning algorithm that improves the efficiency of detecting botnet intrusions using a set of optimal features selected from the dataset by a feature selection method.