One-class Classification to Detect Botnets in IoT devices

  • Vitor Hugo Bezerra
  • Victor G. Turrisi da Costa
  • Sylvio Barbon Junior
  • Rodrigo Sanches Miani
  • Bruno Bogaz Zarpelão

Abstract


With the increasing number of different Internet of Things devices, new threats to network security emerge due to these devices' low security. Botnets are a widespread threat that takes advantage of IoT device vulnerabilities to compromise multiple devices and perform coordinated attacks. To tackle this, new methods for detecting IoT botnets are required. In this paper, we propose a host-based detection system based on one-class classifiers. A One-class Support Vector Machine built with features such as CPU and memory usage was used to detect malicious activities. The predictive performance and resource consumption of the proposed approach were evaluated in a controlled network using three different legitimate settings and seven IoT botnets. The results indicate that the proposed system is efficient in detecting different botnets with low resource consumption.
Published
25/10/2018
How to Cite

BEZERRA, Vitor Hugo; COSTA, Victor G. Turrisi da; JUNIOR, Sylvio Barbon; MIANI, Rodrigo Sanches; ZARPELÃO, Bruno Bogaz. One-class Classification to Detect Botnets in IoT devices. In: SIMPÓSIO BRASILEIRO EM SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 2018, Natal. Anais do XVIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais. Porto Alegre: Sociedade Brasileira de Computação, oct. 2018. p. 43-56.