Are Trees Really Green? A Detection Approach of IoT Malware Attacks

TL;DR

This paper introduces a resource-efficient machine learning approach using tree-based models to detect IoT malware attacks, emphasizing energy savings without sacrificing detection accuracy.

Contribution

It proposes a green methodology optimizing hyperparameters of tree-based models for energy efficiency in IoT attack detection.

Findings

Models maintain high detection accuracy.

Significant reduction in power consumption.

Suitable for resource-constrained IoT devices.

Abstract

Nowadays, the Internet of Things (IoT) is widely employed, and its usage is growing exponentially because it facilitates remote monitoring, predictive maintenance, and data-driven decision making, especially in the healthcare and industrial sectors. However, IoT devices remain vulnerable due to their resource constraints and difficulty in applying security patches. Consequently, various cybersecurity attacks are reported daily, such as Denial of Service, particularly in IoT-driven solutions. Most attack detection methodologies are based on Machine Learning (ML) techniques, which can detect attack patterns. However, the focus is more on identification rather than considering the impact of ML algorithms on computational resources. This paper proposes a green methodology to identify IoT malware networking attacks based on flow privacy-preserving statistical features. In particular, the hyperparameters of three tree-based models -- Decision Trees, Random Forest and Extra-Trees -- are optimized based on energy consumption and test-time performance in terms of Matthew's Correlation Coefficient. Our results show that models maintain high performance and detection accuracy while consistently reducing power usage in terms of watt-hours (Wh). This suggests that on-premise ML-based Intrusion Detection Systems are suitable for IoT and other resource-constrained devices.