Detecting Malicious Botnets in IoT Networks Using Machine Learning Techniques

The widespread use of the Internet of Things (IoT) has led to a rise in botnet attacks, with the Mirai botnet being a major source of Distributed notoriety for its involvement in large-scale attacks that compromised numerous IoT devices through also known as Gafgyt or Lizkebab, targets vulnerable IoT devices by exploiting the Shellshock vulnerability in Linux-based systems. These botnets leverage compromised devices to carry out malicious activities and the propagation of malware. have been proposed to identify botnets, however, simultaneously is challenging as their attack characteristics are not very similar. In this study, we apply ML techniques like Logistic Regression, Support Vector Machine and Random Forest to classify the malicious traffic from Mirai and Bashlite botnets. The publicly available NBaIoT dataset is used for the training of algorithms to identify the most informative features to detect contains traffic data from nine infected devices against five protocols. The employed machine accuracy above 99%, with Random Forest performing the best. Our analysis shows that characteristics like weight or variance calculated within a certain time window.