One-class Classification to Detect Botnets in IoT devices ∗

Resumo

With the increasing number of different Internet of Things devices, new threats to network security emerge due to these devices' low security. Botnets are a widespread threat that takes advantage of IoT devices vulnerabilities to compromise multiple devices and perform coordinated attacks. To tackle this, new methods addressing IoT botnets detection are required. In this paper, we propose a host-based detection system based on one-class classifiers. It was used a One-class Support Vector Machine built with features such as CPU and memory usage to detect malicious activities. The predictive performance and resource consumption of the proposed approach was evaluated in a controlled network using three different legitimate settings and seven IoT botnets. The results indicate that the proposed system is efficient in detecting different botnets with low resource consumption.