Evaluation of machine learning algorithms for IoT malware detection in the IoT-23 dataset
Abstract
This article presents an evaluation of different machine learning algorithms for malware detection in IoT devices using the IoT-23 dataset. Models based on Random Forest, SVM, decision tree, and a convolutional neural network were implemented and compared. The results show that the Random Forest algorithm achieved the highest accuracy, while the convolutional neural network and Random Forest obtained the best precision and F1-Score metrics. The data preprocessing methodology and evaluation metrics are detailed, providing a comprehensive overview of the models’ effectiveness and guiding future research.
