CorrAUC: A Malicious Bot-IoT Traffic Detection Method in IoT Network Using Machine-Learning Techniques

Identifying anomalous and malicious traffic in an Internet-of-Things (IoT) network is essential for IoT security: it makes it possible to monitor the network and block unwanted traffic flows. To this end, researchers have presented numerous machine-learning (ML) models for blocking malicious traffic flows in the IoT network. However, because of inappropriate feature selection, several ML models are prone to misclassifying mostly malicious traffic flows. How to select effective features for accurate malicious traffic detection in the IoT network therefore remains a significant problem that needs more in-depth study. To address it, a new framework model is proposed. First, a novel feature selection metric approach named CorrAUC is proposed; then, based on CorrAUC, a new feature selection algorithm, also named CorrAUC, is developed and designed. The algorithm is based on the wrapper technique and uses the area under the curve (AUC) metric to filter the features accurately and select effective features for the selected ML algorithm. Next, we apply the integrated TOPSIS and Shannon entropy based on a bijective soft set to validate the selected features for malicious traffic identification in the IoT network. We evaluate the proposed approach using the Bot-IoT data set and four different ML algorithms. Analysis of the experimental results shows that the proposed method is efficient and can achieve >96% results on average.
