BOND: Efficient and Frugal DL Model Co-design for Botnet detection on IoT Gateways

Authors: Vinay J. Ribeiro, Misha Mehra, Himanshu Gandhi
Publication year: 2021
Subject:
Source: AIMLSystems
DOI: 10.1145/3486001.3486237
Description: A botnet is a network of devices infected by the same malware, acting as a single entity and controlled by a botmaster. They are the biggest cybersecurity threat, used to carry out large-scale attacks ranging from spamming, ransomware, and data exfiltration to denial-of-service attacks. Lightweight IoT devices without traditional security mechanisms have become favorite victims and agents to carry out botnet attacks. In our work, we seek to detect botnet-infected IoT nodes. This paper presents BOND, a frugal Deep Learning analysis of network traffic for detecting IoT devices infected with botnet(s), correctly classifying Zero-Day attacks and newer benign traffic. BOND is designed considering the constraints of IoT gateways and betters the F1 score of standard benchmark ML algorithms and the state-of-the-art method, Kitsune, by at least 10%, with under 1 millisecond inference time and less than 150 KB of model memory. This paper also presents a labeled data set, 27-Botnet, spanning 27 IoT botnet families and ten different IoT devices. We believe it is the first data set with a separate zero-day component.
Database: OpenAIRE