Litcius/Paper detail

Detecting Information Theft Attacks in the Bot-IoT Dataset

Joffrey L. Leevy, John Hancock, Taghi M. Khoshgoftaar, Jared M. Peterson

20212021 20th IEEE International Conference on Machine Learning and Applications (ICMLA)18 citationsDOI

Abstract

There are growing security risks tied to the recent proliferation of Internet of Things (IoT) devices. Due to this fact, datasets such as Bot-IoT were designed to train machine learning classifiers on network intrusion detection in IoT networks. In this research, we use Bot-IoT to build a predictive model for detecting information theft attacks. Our contribution is defined by the unique approach of using eight classifiers and two performance metrics to detect information theft traffic. Also, to the best of our knowledge, the Bot-IoT Information Theft category of attacks has never been the focus of a research paper. Our group of classifiers is a diverse range of four ensembles (CatBoost, Light-GBM, XGBoost, and Random Forest) and four non-ensembles (Decision Tree, Logistic Regression, Naive Bayes, and a Multilayer Perceptron (MLP)). The metrics used to evaluate the classifiers are Area Under the Receiver Operating Characteristic Curve (AUC) and Area Under the Precision-Recall Curve (AUPRC). Through cross-validation, we train and test Bot-IoT instances (only normal and information theft traffic) to evaluate the best classifier(s). According to our results, the ensemble classifiers, particularly CatBoost, LightGBM, and XGBoost, are the top-performing models.

Topics & Concepts

Computer scienceNaive Bayes classifierRandom forestDecision treeArtificial intelligenceMachine learningMultilayer perceptronClassifier (UML)Internet of ThingsRandom subspace methodPerceptronIntrusion detection systemReceiver operating characteristicData miningSupport vector machineArtificial neural networkComputer securityNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesInternet Traffic Analysis and Secure E-voting