Research On Botnet Detection Technology In The Internet Of Things Based On Deep Learning

The development of intelligent technology makes everything interconnected,which also provides a large number of habitats for the botnet,and cybersecurity is also facing serious threats as a result.Botnet,with the help of the huge Internet of Things system,not only threatens the security of each of our property but also threatens the security of national critical infrastructure,therefore,there is an urgent need for effective technology to identify and detect botnets in the Internet of Things.In this paper,based on an intensive study of botnet detection techniques in Internet of Things,deep learning algorithms are applied to it and the following work is done.(1)Analyze the deficiencies of traditional machine learning algorithms in botnet detection in Internet of Things,and propose a botnet detection method based on extreme learning machine(ELM).The botnet detection model built based on traditional machine learning algorithms relies much on feature engineering.The feature extraction is unsatisfactory and the detection accuracy is low in the face of constantly updated botnets.To overcome these shortcomings,in this paper,a botnet detection model based on extreme learning machine is established,which uses an end-to-end approach for learning training and does not rely on manual feature extraction,greatly improving the detection efficiency and accuracy.(2)After analyzing the limitations of existing botnet detection methods,we propose a detection method that combines autoencoders and bidirectional long short-term memory(Bi LSTM)networks.The existing botnet detection methods often ignore two important timing features,i.e.,the synchronization of botnet host communication and the correlation between the entire botnet,so the detection results are not satisfactory.In order to overcome this shortcoming,a botnet detection model combining autoencoder and Bi LSTM memory network is built in this paper.The botnet detection accuracy is improved by modeling the botnet temporal sequence features.(3)To address the phenomenon that existing botnet datasets have many and complicated samples and lack sample labels,the samples are augmented with the help of generative adversarial networks(GAN).The data sample labels are important to the supervised learning model and affect the detection performance of the model.To address the lack of a large number of data sample labels,GAN is used to generate a large number of labeled data samples to expand the original dataset in this paper,enhance the robustness of the botnet detection model,and improve the detection accuracy.In this paper,the ISCX-Bot-2014 botnet dataset is used to evaluate the performance of the algorithm,and the experimental results show that the botnet detection method based on ELM proposed in this paper greatly improved the detection efficiency by end-to-end learning,eliminating the manual feature extraction step;modeling based on botnet timing features further improved the detection accuracy;using the generative adversarial network to expand the dataset enhanced the robustness of the detection model.At the same time,the application of deep learning to Internet of Things botnet detection has certain theoretical and practical implications.