Network traffic analysis based IoT botnet detection using Honeynet data, applying classification techniques

Date
2019-08
Publisher
G.B. Pant University of Agriculture and Technology, Pantnagar - 263145 (Uttarakhand)
Abstract
In recent years, with the inception of Internet of Things (IoT) devices, the internet has been flooded with low-powered connected devices. This has led to a scenario where attackers can launch catastrophic DDoS attacks using these IoT devices to disrupt the internet. In 2016, a DDoS attack launched by the Mirai botnet hit targets with a bandwidth of 620 Gbps, took down websites such as Twitter, Netflix, GitHub, etc., and almost stalled the internet on the U.S. east coast. Developing an effective and sufficient approach for controlling IoT botnet attacks is still a challenge. In this thesis, a network traffic analysis based IoT botnet detection technique has been developed. The detection of botnets is done by deploying a honeynet, which provides activity logs of the intrusion attempts as well as a network traffic dump in the form of a packet capture. The network traffic is used for extracting the traffic flows. Our work focuses on botnet detection using the network flows and on applying classification techniques to find features that give significant clues of a botnet attack. For implementation, local honeynets, namely CDAC CTMS and PantHoneynet, have been used; they are deployed at the Department of Computer Engg., GBPUAT, Pantnagar. The data sets obtained from the honeynets are used for the detection of botnets by means of supervised machine learning classification techniques such as the Random Forest ensemble classifier; its performance is also compared with that of various other supervised machine learning algorithms.