Skip to main content
Book cover

International Conference on Forthcoming Networks and Sustainability in the IoT Era

FoNeS-IoT 2020: Forthcoming Networks and Sustainability in the IoT Era pp 96–110Cite as

Analysis of Machine Learning Techniques for Lightweight DDoS Attack Detection on IoT Networks

Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST,volume 353)

Abstract

As botnet style distributed denial of service (DDoS) attacks continue to proliferate the Internet of Things (IoT) landscape, researchers have struggled to provide a definitive way of addressing concerns related to the IoT’s security. In this paper, we work from the axiom that DDoS attacks are easiest to detect at the target of the attack but are best mitigated closer to the attacker by implementing four machine learning models that detect botnet-infected DDoS attackers on their access network. These models operate on network packet counts, which can easily be gathered by an access router, and run in real-time or near real-time, even on a low power device, namely a Raspberry Pi. We introduce a novel method for visualizing network activity as graphical heatmaps and use convolutional neural network (CNN) models designed for embedded devices and mobile platforms to classify network traffic as benign or malicious. We compare this approach using a support vector machine (SVM) and a long short-term memory recurrent neural network (LSTM). Based on our results, we conclude that the use of lightweight CNNs to analyze network traffic through graphical heatmaps provides highly accurate botnet-based DDoS attack detection for IoT access networks, with an average accuracy of 99.8%, despite our training dataset being between 73×–2170× smaller than those seen in related works, and runtimes ranging from 334 ms to 2 s on a Raspberry Pi.

Keywords

  • Convolutional neural networks
  • Deep learning
  • Distributed denial of service attacks
  • IoT security
  • LSTM
  • Support vector machines

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (Canada)
  • DOI: 10.1007/978-3-030-69431-9_8
  • Chapter length: 15 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   39.99
Price excludes VAT (Canada)
  • ISBN: 978-3-030-69431-9
  • Instant EPUB and PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   54.99
Price excludes VAT (Canada)
  • ISBN: 978-3-030-69430-2
  • Dispatched in 3 to 5 business days
  • Exclusive offer for individuals only
  • Free shipping worldwide
    See shipping information.
  • Tax calculation will be finalised during checkout
Learn about institutional subscriptions
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.

References

  1. Al-Garadi, M.A., Mohamed, A., Al-Ali, A., Du, X., Guizani, M.: A survey of machine and deep learning methods for Internet of Things (IoT) security (2018). https://arxiv.org/abs/1807.11023

  2. Tang, J., Sun, D., Liu, S., Gaudiot, J.-L.: Enabling deep learning on IoT devices. Computer 50(10), 92–96 (2017)

    CrossRef  Google Scholar 

  3. Diro, A.A., Chilamkurti, N.: Distributed attack detection scheme using deep learning approach for Internet of Things. Future Gener. Comput. Syst. 82, 761–768 (2018)

    CrossRef  Google Scholar 

  4. McDermott, C.D., Majdani, F., Petrovski, A.V.: Botnet detection in the Internet of Things using deep learning approaches. In: 2018 International Joint Conference on Neural Networks (IJCNN), pp. 1–8 (2018)

    Google Scholar 

  5. Meidan, Y., et al.: N-BaIoT—network-based detection of IoT Botnet attacks using deep autoencoders. In: IEEE Pervasive Computing, vol. 17, no. 3, pp. 12–22, July–September 2018

    Google Scholar 

  6. Bhardwaj, K., Miranda, J.C., Gavrilovska, A.: Towards IoT-DDoS prevention using edge computing. In: Proceedings USENIX Workshop Hot Topics Edge Computing (2018)

    Google Scholar 

  7. Bhunia, S.S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: 27th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1–6. IEEE (2017)

    Google Scholar 

  8. Iandola, F.N., Han, S., Moskewicz, M.W., Ashraf, K., Dally, W.J., Keutzer, K.: Squeezenet: alexnet-level accuracy with 50x fewer parameters and, 0.5mb model size. arXiv:1602.07360, 2016

  9. Howard, A.G., et al.: MobileNets: efficient convolutional nueral networks for mobile vision applications. https://arxiv.org/abs/1704.04861, 2017

  10. Koroniotis, N., Moustafa, N., Sitnikova, E., Turnbull, B.: Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: bot-IoT dataset. arXiv preprint arXiv:1811.00701, 2018

  11. Wang, A., Chang, W., Chen, S., Mohaisen, A.: Delving into internet DDoS attacks by botnets: characterization and analysis. IEEE/ACM Trans. Netw. 26(6), 2843–2855 (2018)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Missouri State University, Springfield, MO, 65897, USA

    Eric McCullough, Razib Iqbal & Ajay Katangur

Authors
  1. Eric McCullough
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Razib Iqbal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ajay Katangur
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Eric McCullough .

Editor information

Editors and Affiliations

  1. Computer Engineering Department, Northern Cyprus Campus, Middle East Technical University, Mersin, Turkey

    Dr. Enver Ever

  2. Artificial Intelligence Department, Near East University, Nicosia, Turkey

    Dr. Fadi Al-Turjman

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

McCullough, E., Iqbal, R., Katangur, A. (2021). Analysis of Machine Learning Techniques for Lightweight DDoS Attack Detection on IoT Networks. In: Ever, E., Al-Turjman, F. (eds) Forthcoming Networks and Sustainability in the IoT Era. FoNeS-IoT 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 353. Springer, Cham. https://doi.org/10.1007/978-3-030-69431-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-69431-9_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-69430-2

  • Online ISBN: 978-3-030-69431-9

  • eBook Packages: Computer ScienceComputer Science (R0)