Research On Botnet Detection Technology Based On IoT Traffic

With the development of 5G technology,a large number of Io T devices are rapidly deployed in the fields of industry,agriculture,finance,medical and smart home.Io T devices generally have serious problems such as lack of security protection mechanism and user privacy leakage,which become the primary target of attackers.Botnets,as a common and effective means of network attacks,have become the main threat to the security of Io T devices.Based on this,this paper focuses on Io T traffic-based botnet detection technology,aiming to discover the shortcomings of Io T botnet detection technology and improve the efficiency of Io T botnet detection based on the existing research.The main work of this paper is as follows.(1)An Io T botnet detection method called GAE-MBLSTM is proposed,which combines the joint advantages of gated recurrent unit autoencoder algorithm(GAE),the Synthetic Minority Oversampling Technique(SMOTE)and multilayer bidirectional long short-term memory neural network(MBLSTM),and is performed in the publicly available Io T botnet dataset Bot-Io T.validation of validity.Among them,the GAE algorithm proposed in this paper is a feature dimensionality reduction algorithm based on gated recurrent unit and autoencoder improvement,which makes use of the feature that gated recurrent unit can better capture the long-term dependencies of features on time series,so that the low-dimensional features represent the contextual information of the high-dimensional features in long-term dependencies.(2)Based on the traditional bidirectional long short-term memory neural network(BLSTM),a multilayer BLSTM network structure(MBLSTM)is proposed to combine highly abstracted shallow features with deep features on bidirectional time series.Secondly,in order to solve the problem of sample class imbalance in Io T botnet,the GAE-MBLSTM model uses SMOTE technique to generate few classes of samples,so that the original highly imbalanced dataset achieves sample class balance.The experimental results show that the GAE algorithm can effectively reduce the number of high-dimensional features in the Bot-Io T dataset and compress the data size of traffic samples by 83.3%,which is better than the feature dimensionality reduction effect of traditional autoencoder.Thirdly,the GAE-MBLSTM model using the SMOTE technique also has strong robustness and generalization ability in terms of underfitting and overfitting.the GAE-MBLSTM model achieves more than 99% accuracy and recall in the Io T botnet 5-class detection task.(3)An Io T botnet detection system is implemented based on the GAE-MBLSTM botnet detection algorithm.The Io T botnet detection system was designed and implemented using software engineering ideas.The description of the requirement analysis was carried out based on the difference in authority between ordinary users and administrators,including the division of the system functional modules and the business logic of the main functions.The overall architecture and functional structure of the system were determined,and finally the detailed description and interface design of each functional module of the system were carried out,and the botnet detection system was tested and the main functions were demonstrated.