Detecting IoT Botnet in Gateway Devices


Vu Ngoc Son, Tisenko Victor Nikolaevich, Dong Xuan Anh, Nguyen The Lam, Lai Van Duong, Nguyen Quang Dam


IoT devices are increasingly targeted by attackers using malware because they are
more easily infected than conventional computers. Current IoT devices typically do not receive
security updates, do not treat security as a priority, have weak login credentials, etc. One reason for the security
holes of IoT is that it is too new. Shortcomings in basic security controls have turned IoT devices into
easy targets for cybercriminals and other attackers. In this paper, based on supervised
machine learning algorithms and a method of analyzing the abnormal behavior of IoT botnets, we propose
a method of botnet detection using machine learning. Accordingly, botnet behaviors are sought
and extracted from network traffic. These behaviors are then analyzed and evaluated to classify them as
normal behaviors or botnet behaviors. Finally, based on these behaviors, we look for botnet IP
networks in the system. The approach we propose, botnet IP detection through network traffic behavior
analysis, is a novel approach and will bring good results.




