Collaborative Device-level Botnet Detection for Internet of Things
Nasir, Muhammad Hassan and Arshad, Junaid and Khan, Muhammad Mubashir (2023) Collaborative Device-level Botnet Detection for Internet of Things. Computers and Security. ISSN 0167-4048
|
Text
Botnet_Detection_in_IoT_Repo.pdf - Accepted Version Available under License Creative Commons Attribution. Download (1MB) |
Abstract
Cyber attacks on the Internet of Things (IoT) have seen a significant increase in recent years. This is primarily due to the widespread adoption and prevalence of IoT within domestic and critical national infrastructures, as well as inherent security vulnerabilities within IoT endpoints. Therein, botnets have emerged as a major threat to IoT-based infrastructures targeting firmware vulnerabilities such as weak or default passwords to assemble an army of compromised devices which can serve as a lethal cyber-weapon against target systems, networks, and services. In this paper, we present our efforts to mitigate this challenge through the development of an intrusion detection system that resides within an IoT device to provide enhanced visibility thereby achieving security hardening of such devices. The device-level intrusion detection presented here is part of our research framework BTC_SIGBDS (Blockchain-powered, Trustworthy, Collaborative, Signature-based Botnet Detection System). We identify the research challenge through a systematic critical review of existing literature and present detailed design of the device-level component of the BTC_SIGBDS framework. We use a signature based detection scheme with trusted signature updates to strengthen protection against emerging attacks. We have evaluated the suitability and enhanced the capability through the generation of custom signatures of two of the most famous signature-based IDS with ISOT, IoT23, and BoTIoT datasets to assess the effectiveness with respect to detection of anomalous traffic within a typical resource constrained IoT network in terms of number of alerts, detection rates, detection time as well as in terms of peak CPU and memory usage.
| Item Type: | Article | ||||||
|---|---|---|---|---|---|---|---|
| Identification Number: | https://doi.org/10.1016/j.cose.2023.103172 | ||||||
| Dates: |
|
||||||
| Uncontrolled Keywords: | Internet of Things, Botnets, Intrusion detection, Device-level security | ||||||
| Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science | ||||||
| Divisions: | Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology | ||||||
| Depositing User: | Junaid Arshad | ||||||
| Date Deposited: | 07 Mar 2023 14:34 | ||||||
| Last Modified: | 22 Mar 2023 14:28 | ||||||
| URI: | https://www.open-access.bcu.ac.uk/id/eprint/14223 |
Actions (login required)
 |
View Item |
Tools
Tools