Title: IoT attack prediction using big Bot-IoT data

Authors: Joffrey L. Leevy; Taghi M. Khoshgoftaar; John Hancock

Addresses: Department of Electrical Engineering and Computer Science, Florida Atlantic University, Boca Raton, FL, USA; Department of Electrical Engineering and Computer Science, Florida Atlantic University, Boca Raton, FL, USA; Department of Electrical Engineering and Computer Science, Florida Atlantic University, Boca Raton, FL, USA

Abstract: Bot-IoT is a recent and publicly available dataset that depicts attack traffic launched by BotNets against internet of things (IoT) networks. Normal (non-attack) traffic is represented by over 9,000 of the approximately 73,000,000 instances of big data that constitute this dataset. We present an easy-to-learn Bot-IoT approach, centred on the use of a minimum number of dataset features and a simple machine learning algorithm. Our contribution is defined by decision tree models built from derived Bot-IoT datasets with no more than three features. As per our definition of easy-to-learn, we require that predictive models have area under the receiver operating characteristic curve (AUC) mean scores greater than 0.99. According to our results, all the derived datasets produce easy-to-learn models. To the best of our knowledge, this work, in terms of its simplicity, interpretability, and performance, is an improvement over Bot-IoT classification approaches in existing literature.

Keywords: Bot-IoT; decision tree; easy-to-learn; intrusion detection; IoT; machine learning; denial-of-service; DoS; distributed denial-of-service; DDoS; information theft; reconnaissance.

DOI: 10.1504/IJITCA.2022.124373

International Journal of Internet of Things and Cyber-Assurance, 2022 Vol.2 No.1, pp.45 - 61

Received: 08 Mar 2022
Accepted: 29 Mar 2022

Published online: 25 Jul 2022
