Hybrid Deep Learning for Botnet Attack Detection in the Internet of Things Networks

Popoola, Segun I, Adebisi, Bamidele, Hammoudeh, Mohammad ORCID: https://orcid.org/0000-0003-1058-0996, Gui, Guan and Gacanin, Haris (2021) Hybrid Deep Learning for Botnet Attack Detection in the Internet of Things Networks. IEEE Internet of Things Journal, 8 (6). pp. 4944-4956. ISSN 2327-4662

Preview

Accepted Version Available under License In Copyright. Download (1MB) | Preview

Abstract

Deep Learning (DL) is an efficient method for botnet attack detection. However, the volume of network traffic data and memory space required is usually large. It is, therefore, almost impossible to implement the DL method in memory-constrained IoT devices. In this paper, we reduce the feature dimensionality of large-scale IoT network traffic data using the encoding phase of Long Short-Term Memory Autoencoder (LAE). In order to classify network traffic samples correctly, we analyse the long-term inter-related changes in the low-dimensional feature set produced by LAE using deep Bidirectional Long Short-Term Memory (BLSTM). Extensive experiments are performed with the BoT-IoT dataset to validate the effectiveness of the proposed hybrid DL method. Results show that LAE significantly reduced the memory space required for large-scale network traffic data storage by 91.89%, and it outperformed state-of-the-art feature dimensionality reduction methods by 18.92-27.03%. Despite the significant reduction in feature size, the deep BLSTM model demonstrates robustness against model under-fitting and over-fitting. It also achieves good generalisation ability in binary and multi-class classification scenarios.