EFFICIENT BOTNET DETECTION IN IOT NETWORKS USING A HYBRID MACHINE LEARNING APPROACH

Abstract

As internet technology advances and becomes more widely used, cyberattacks are becoming more frequent. One of the most damaging assaults was the botnet attack. Because of the many attack channels and the constant development of viruses, botnet detection is getting more difficult. The fast development of Internet of Things (IoT) technology has resulted in botnet assaults targeting several network devices, which have caused significant losses across various industries. Network security is seriously threatened by botnets, and deep learning models have shown the ability to effectively detect botnet activity from network traffic data. This study proposes a botnet detection system based on the stacking of recurrent neural networks (RNN), convolutional neural networks (CNN), artificial neural networks (ANN), and machine learning models (ACLR). Both the individual models and the suggested ACLR model for performance comparison are used in the tests. Nine distinct attack types, including "Normal," "Generic," "Exploits," "Fuzzers," "DoS," "Reconnaissance," "Analysis," "Backdoor," "Shell code," and "Worms," are included in the UNSW-NB15 dataset, which is utilised for botnet assaults. According to experimental data, the suggested ACLR model well captures the complex patterns and features of botnet assaults, achieving a testing accuracy of 0.9698. A K-fold cross-validation accuracy score of 0.9749 for the proposed ACLR model's k values (3, 5, 7, and 10) shows that k = 5 demonstrates the model's generalisability and resilience. Furthermore, the suggested model identifies botnets with a precision-recall area under the curve (PR-AUC) of 0.9950 and a high receiver operating characteristic area under the curve (ROC-AUC) of 0.9934. The higher performance of the suggested method is further supported by a comparison with current state-of-the-art models. The findings of this study may improve cyber security protocols and provide valuable defence against changing threats.