One-class Classification to Detect Botnets in IoT devices
Abstract

With the increasing number of different Internet of Things devices, new threats to network security emerge due to these devices' low security. Botnets are a widespread threat that takes advantage of IoT device vulnerabilities to compromise multiple devices and perform coordinated attacks. To tackle this, new methods addressing IoT botnet detection are required. In this paper, we propose a host-based detection system based on one-class classifiers. A One-class Support Vector Machine built with features such as CPU and memory usage was used to detect malicious activities. The predictive performance and resource consumption of the proposed approach were evaluated in a controlled network using three different legitimate settings and seven IoT botnets. The results indicate that the proposed system is efficient in detecting different botnets with low resource consumption.
BEZERRA, Vitor Hugo; COSTA, Victor G. Turrisi da; JUNIOR, Sylvio Barbon; MIANI, Rodrigo Sanches; ZARPELÃO, Bruno Bogaz. One-class Classification to Detect Botnets in IoT devices. In: SIMPÓSIO BRASILEIRO EM SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 2018. Anais do XVIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais. Porto Alegre: Sociedade Brasileira de Computação, Oct. 2018. p. 43-56.