Towards a Universal Features Set for IoT Botnet Attacks Detection

TL;DR

This paper proposes a universal feature set for IoT botnet attack detection, improving cross-dataset detection performance of machine learning models across diverse attack patterns.

Contribution

Introduction of a universal features set that enhances IoT botnet attack detection across multiple datasets, addressing dataset-specific limitations of previous methods.

Findings

Universal features set improves detection accuracy across datasets

Machine learning models trained on the proposed features generalize better

Enhanced robustness against diverse attack patterns

Abstract

The security pitfalls of IoT devices make it easy for the attackers to exploit the IoT devices and make them a part of a botnet. Once hundreds of thousands of IoT devices are compromised and become the part of a botnet, the attackers use this botnet to launch the large and complex distributed denial of service (DDoS) attacks which take down the target websites or services and make them unable to respond the legitimate users. So far, many botnet detection techniques have been proposed but their performance is limited to a specific dataset on which they are trained. This is because the features used to train a machine learning model on one botnet dataset, do not perform well on other datasets due to the diversity of attack patterns. Therefore, in this paper, we propose a universal features set to better detect the botnet attacks regardless of the underlying dataset. The proposed features set manifest preeminent results for detecting the botnet attacks when tested the trained machine learning models over three different botnet attack datasets.