IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection

IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection

Nowadays, Internet of Things (IoT) technology has various network applications and has attracted the interest of many research and industrial communities. Particularly, the number of vulnerable or unprotected IoT devices has drastically increased, along with the amount of suspicious activity, such a...

Full description

Bibliographic Details
Main Authors: Mnahi Alqahtani, Hassan Mathkour, Mohamed Maher Ben Ismail
Format: Article
Language:English
Published: MDPI AG 2020-11-01
Series:Sensors
Subjects:
IoT botnet attacks
Fisher score method
feature selection
genetic-based extreme gradient boosting model
Online Access:https://www.mdpi.com/1424-8220/20/21/6336
id doaj-aff7089bfa9848189713bd426587e7cd
record_format Article
spelling doaj-aff7089bfa9848189713bd426587e7cd2020-11-25T04:00:16ZengMDPI AGSensors1424-82202020-11-01206336633610.3390/s20216336IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature SelectionMnahi Alqahtani0Hassan Mathkour1Mohamed Maher Ben Ismail2Computer Science Department, College of Computer and Information Sciences, King Saud University, Riyadh 11543, Saudi ArabiaComputer Science Department, College of Computer and Information Sciences, King Saud University, Riyadh 11543, Saudi ArabiaComputer Science Department, College of Computer and Information Sciences, King Saud University, Riyadh 11543, Saudi ArabiaNowadays, Internet of Things (IoT) technology has various network applications and has attracted the interest of many research and industrial communities. Particularly, the number of vulnerable or unprotected IoT devices has drastically increased, along with the amount of suspicious activity, such as IoT botnet and large-scale cyber-attacks. In order to address this security issue, researchers have deployed machine and deep learning methods to detect attacks targeting compromised IoT devices. Despite these efforts, developing an efficient and effective attack detection approach for resource-constrained IoT devices remains a challenging task for the security research community. In this paper, we propose an efficient and effective IoT botnet attack detection approach. The proposed approach relies on a Fisher-score-based feature selection method along with a genetic-based extreme gradient boosting (GXGBoost) model in order to determine the most relevant features and to detect IoT botnet attacks. The Fisher score is a representative filter-based feature selection method used to determine significant features and discard irrelevant features through the minimization of intra-class distance and the maximization of inter-class distance. On the other hand, GXGBoost is an optimal and effective model, used to classify the IoT botnet attacks. Several experiments were conducted on a public botnet dataset of IoT devices. The evaluation results obtained using holdout and 10-fold cross-validation techniques showed that the proposed approach had a high detection rate using only three out of the 115 data traffic features and improved the overall performance of the IoT botnet attack detection process.https://www.mdpi.com/1424-8220/20/21/6336IoT botnet attacksFisher score methodfeature selectiongenetic-based extreme gradient boosting model
collection DOAJ
language English
format Article
sources DOAJ
author Mnahi Alqahtani
Hassan Mathkour
Mohamed Maher Ben Ismail
spellingShingle Mnahi Alqahtani
Hassan Mathkour
Mohamed Maher Ben Ismail
IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection
Sensors
IoT botnet attacks
Fisher score method
feature selection
genetic-based extreme gradient boosting model
author_facet Mnahi Alqahtani
Hassan Mathkour
Mohamed Maher Ben Ismail
author_sort Mnahi Alqahtani
title IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection
title_short IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection
title_full IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection
title_fullStr IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection
title_full_unstemmed IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection
title_sort iot botnet attack detection based on optimized extreme gradient boosting and feature selection
publisher MDPI AG
series Sensors
issn 1424-8220
publishDate 2020-11-01
description Nowadays, Internet of Things (IoT) technology has various network applications and has attracted the interest of many research and industrial communities. Particularly, the number of vulnerable or unprotected IoT devices has drastically increased, along with the amount of suspicious activity, such as IoT botnet and large-scale cyber-attacks. In order to address this security issue, researchers have deployed machine and deep learning methods to detect attacks targeting compromised IoT devices. Despite these efforts, developing an efficient and effective attack detection approach for resource-constrained IoT devices remains a challenging task for the security research community. In this paper, we propose an efficient and effective IoT botnet attack detection approach. The proposed approach relies on a Fisher-score-based feature selection method along with a genetic-based extreme gradient boosting (GXGBoost) model in order to determine the most relevant features and to detect IoT botnet attacks. The Fisher score is a representative filter-based feature selection method used to determine significant features and discard irrelevant features through the minimization of intra-class distance and the maximization of inter-class distance. On the other hand, GXGBoost is an optimal and effective model, used to classify the IoT botnet attacks. Several experiments were conducted on a public botnet dataset of IoT devices. The evaluation results obtained using holdout and 10-fold cross-validation techniques showed that the proposed approach had a high detection rate using only three out of the 115 data traffic features and improved the overall performance of the IoT botnet attack detection process.
topic IoT botnet attacks
Fisher score method
feature selection
genetic-based extreme gradient boosting model
url https://www.mdpi.com/1424-8220/20/21/6336
work_keys_str_mv AT mnahialqahtani iotbotnetattackdetectionbasedonoptimizedextremegradientboostingandfeatureselection
AT hassanmathkour iotbotnetattackdetectionbasedonoptimizedextremegradientboostingandfeatureselection
AT mohamedmaherbenismail iotbotnetattackdetectionbasedonoptimizedextremegradientboostingandfeatureselection
_version_ 1724451532304285696

Similar Items