Towards an efficient approach using graph-based evolutionary algorithm for IoT botnet detection
DOI:
https://doi.org/10.31449/inf.v47i6.3714
Abstract
In recent years, a large number of Internet of Things (IoT) devices have come into everyday use, many of which are vulnerable to attack. Botnet malware is one of the main threats to IoT devices, so detecting IoT botnets is one of the most important challenges for these devices. This paper proposes an IoT botnet detection approach based on PSI graph data combined with an evolutionary algorithm-based technique. To the best of our knowledge, no previous studies have used evolutionary algorithms to support the detection of multi-architecture IoT botnets. The proposed method achieved good experimental results (i.e., 95.30%). The approach also achieves a relatively low false-positive rate of 4.59%.
License
I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.
I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.
In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.
I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal. The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.
Copyright © Slovenian Society Informatika