Enhancing IoT-Botnet Detection using Variational Auto-encoder and Cost-Sensitive Learning: A Deep Learning Approach for Imbalanced Datasets

TL;DR

This paper introduces a deep learning approach combining Variational Auto-encoder and cost-sensitive learning to improve IoT-botnet detection, especially for minority attack traffic in highly imbalanced datasets.

Contribution

It proposes a novel lightweight model leveraging VAE and cost-sensitive learning for enhanced detection of minority class IoT-botnet traffic.

Findings

Both DNN and BLSTM models achieved high accuracy and F1-score.

The approach effectively detects minority attack traffic.

Models perform well on imbalanced datasets.

Abstract

The Internet of Things (IoT) technology has rapidly gained popularity with applications widespread across a variety of industries. However, IoT devices have been recently serving as a porous layer for many malicious attacks to both personal and enterprise information systems with the most famous attacks being botnet-related attacks. The work in this study leveraged Variational Auto-encoder (VAE) and cost-sensitive learning to develop lightweight, yet effective, models for IoT-botnet detection. The aim is to enhance the detection of minority class attack traffic instances which are often missed by machine learning models. The proposed approach is evaluated on a multi-class problem setting for the detection of traffic categories on highly imbalanced datasets. The performance of two deep learning models including the standard feed forward deep neural network (DNN), and Bidirectional-LSTM (BLSTM) was evaluated and both recorded commendable results in terms of accuracy, precision, recall and F1-score for all traffic classes.