Saied Mohamed, Guirguis Shawkat, Madbouly Magda
Institute of Graduate Studies and Research, Alexandria, Egypt.
Sci Rep. 2023 Dec 7;13(1):21632. doi: 10.1038/s41598-023-48681-6.
Enhancing IoT security is a corner stone for building trust in its technology and driving its growth. Limited resources and diversified nature of IoT devices make them vulnerable to attacks. Botnet attacks compromise the IoT systems and can pose significant security challenges. Numerous investigations have utilized machine learning and deep learning techniques to identify botnet attacks in IoT. However, achieving high detection accuracy with reasonable computational requirements is still a challenging research considering the particularity of IoT. This paper aims to analytically study the performance of the tree based machine learning in detecting botnet attacks for IoT ecosystems. Through an empirical study performed on a public botnet dataset of IoT environment, basic decision tree algorithm in addition to ensemble learning of different bagging and boosting algorithms are compared. The comparison covers two perspectives: IoT botnet detection capability and computational performance. Results demonstrated that the significant potential for the tree based ML algorithms in detecting network intrusions in IoT environments. The RF algorithm achieved the best performance for multi-class classification with accuracy rate of 0.999991. It achieved also the highest results in all other measures.
增强物联网安全性是建立对其技术的信任并推动其发展的基石。物联网设备资源有限且性质多样,使其容易受到攻击。僵尸网络攻击会危及物联网系统,并可能带来重大安全挑战。众多研究已利用机器学习和深度学习技术来识别物联网中的僵尸网络攻击。然而,考虑到物联网的特殊性,在满足合理计算要求的情况下实现高检测准确率仍是一项具有挑战性的研究。本文旨在分析研究基于树的机器学习在检测物联网生态系统中的僵尸网络攻击方面的性能。通过对一个公开的物联网环境僵尸网络数据集进行实证研究,比较了基本决策树算法以及不同装袋和提升算法的集成学习。比较涵盖两个方面:物联网僵尸网络检测能力和计算性能。结果表明,基于树的机器学习算法在检测物联网环境中的网络入侵方面具有巨大潜力。随机森林(RF)算法在多类分类中表现最佳,准确率达到0.999991。它在所有其他指标上也取得了最高成绩。
