2022
DOI: 10.1109/access.2022.3226700

Traffic Based Sequential Learning During Botnet Attacks to Identify Compromised IoT Devices

Abstract: A novel online Compromised Device Identification System (CDIS) is presented to identify IoT devices and/or IP addresses that are compromised by a Botnet attack, within a set of sources and destinations that transmit packets. The method uses specific metrics that are selected for this purpose and which are easily extracted from network traffic, and trains itself online during normal operation with an Auto-Associative Dense Random Neural Network (AADRNN) using traffic metrics measured as traffic arrives. As it o…

Cited by 21 publications
(4 citation statements)
References 46 publications
“…In Ref. 39, a unique online hacked device identification system (CDIS) is presented to accurately detect and identify IoT devices and IP addresses that botnets have hacked. The CDIS utilizes traffic analysis and sequence learning algorithms to accurately detect hacked devices, even when they create minimal traffic.…”
Section: Literature Review (mentioning)
confidence: 99%
“…Moreover, this approach mitigated the execution time, memory consumption and energy deployment as compared to other methods. E. Gelenbe et al. (2022) established a new online Compromised Device Identification System (CDIS) for recognizing Internet of Things (IoT) devices infected with a Botnet attack which transmitted the packets [23]. This system aimed to select particular parameters whose extraction was done from network traffic, and training from online model when it was operated normally using an Auto-Associative Dense Random Neural Network (AADRNN) model.…”
Section: Literature Review (mentioning)
confidence: 99%
“…One of the key advantages of GNNs in botnet detection lies in their ability to handle the sequential nature of botnet attacks [9,10]. Botnets often exhibit dynamic and evolving behaviors over time, which conventional methods struggle to model effectively.…”
Section: Introduction (mentioning)
confidence: 99%