TWO-PHASE MACHINE LEARNING APPROACH TO MITIGATE AND IDENTIFY IOT BOTNET THREATS

Abstract

The proliferation of Internet of Things (IoT) devices has expanded the attack surface for cyber threats, particularly IoT botnet attacks that can disrupt services and compromise data security. This paper proposes a two-phase machine learning approach aimed at both preventing and detecting IoT botnet attacks in real-time. The first phase focuses on proactive prevention by identifying vulnerable devices and potential attack vectors using supervised learning models trained on network traffic features. The second phase employs anomaly detection techniques to identify ongoing botnet activities with minimal false positives. Experimental results on benchmark IoT datasets demonstrate that the proposed framework effectively balances detection accuracy and computational efficiency, thereby enhancing the security posture of IoT networks. This dualphase method offers a comprehensive solution for securing IoT ecosystems against evolving botnet threats