Abstract
The rapid escalation in the usage of the Internet of Things (IoT) devices is threatened by botnets. The expected increase in botnet attacks has seen numerous botnet detection/mitigation proposals from academia and industry. This paper conducts a systematic mapping study of the literature so as to distinguish, sort, and synthesize research in this domain. The investigation is guided by various research questions that are relevant to the botnet studies. In this research, a total of 3,645 studies were gotten from our preliminary pursuit outcomes. Seventy four (74) studies were recognized based on importance, of which 52 were at last picked dependent on our characterized Incorporation and Elimination criteria. A classification for the mapping study with the following components: key contribution, research aspect, validation methods, network forensic methods, datasets and evaluation metric was proposed. Likewise, in this study, we identified eleven (11) key contributions which include evaluation, approach, model, system, software architecture, method, technique, framework, mechanism, algorithm and dataset. The findings of this systematic mapping investigation demonstrate that exploration of IoT-based botnet attacks is picking up more consideration in the past three years with steady distribution yield. Finally, this investigation can be a beginning point in examining researches on botnet assaults in IoT devices and finding better ways to detect and mitigate such assaults.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Acarali, D., Rajarajan, M., Komninos, N., & Zarpelão, B. B. (2019). Modelling the spread of botnet malware in IoT-based wireless sensor networks. Security and Communication Networks. https://doi.org/10.1155/2019/3745619.
Ahmad, I., Ahmed, G., Shah, S. A. A., & Ahmed, E. (2018). A decade of big data literature: Analysis of trends in light of bibliometrics. The Journal of Supercomputing, 76(5), 3555–3571.
Al, A., Hossam, S., & Ibrahim, F. (2019). Unsupervised intelligent system based on one class support vector machine and Grey Wolf optimization for IoT botnet detection. Journal of Ambient Intelligence and Humanized Computing, 11(7), 2809–2825.
Alshuqayran, N., Ali, N., & Evans, R. (2016). A systematic mapping study in microservice architecture. In 2016 IEEE 9th International Conference on Service-Oriented Computing and Applications (SOCA) (pp. 44–51).
Amjad, K., Ahmad, R., Akhunzada, A., Hairul, M., Nasir, N., & Khan, S. U. (2015). Impact analysis and change propagation in service-oriented enterprises : A systematic review. Inf. Syst., 54, 43–73.
Araki, S., Takahashi, K., Hu, B., Kamiya, K., & Tanikawa, M. (2019). Subspace clustering for interpretable botnet traffic analysis. In ICC 2019 - 2019 IEEE International Conference on Communications (ICC) (pp. 1–6). https://doi.org/10.1109/icc.2019.8761218.
Bahsi H., Nomm S., La Torre F. B. (2018) Dimensionality Reduction for Machine Learning Based IoT Botnet Detection. In: 2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV). IEEE, pp. 1857–1862.
Balasubramanian, Y., & Baggam, D. S. (2018). Quantum IDS for mitigation of DDoS attacks by mirai botnets. Singapore: Springer. https://doi.org/10.1007/978-981-10-8660-1.
Baldassarre, M. T., Caivano, D., Dimauro, G., Gentile, E., & Visaggio, G. (2018). Cloud computing for education: A systematic mapping study. IEEE Transactions on Education, 61(3), 234–244.
Bansal, A., & Mahapatra, S. (2017). A comparative analysis of machine learning techniques for botnet detection. Proceedings of the 10th International Conference on Security of Information and Networks, (pp. 91–100). https://doi.org/10.1145/3136825.3136874.
Bertino, E., & Islam, N. (2017). Botnets and Internet of Things Security. Computer, 50(2), 76–79. https://doi.org/10.1109/MC.2017.62.
Budgen D., Turner M., Brereton P., Kitchenham B. (2007) Using Mapping Studies in Software Engineering. vol. 2.
Cayton-hodges, A. G. A., et al. (2018). (2018) Gameification in Education: A Systematic Mapping Study. Journal of Educational Technology & Society, 18(2), 3–20.
Ceron, J. M., Steding-Jessen, K., Hoepers, C., Granville, L. Z., & Margi, C. B. (2019). Improving iot botnet investigation using an adaptive network layer. Sensors (Switzerland), 19(3), 1–16. https://doi.org/10.3390/s19030727.
Cui P., Guin U. (2019) Countering Botnet of Things using Blockchain-Based Authenticity Framework. In: 2019 IEEE Computer Society Annual Symposium on VLSI, pp. 598–603, 2019.
Dietz, C., Castro, R. L., Steinberger, J., Wilczak, C., Antzek, M., Sperotto, A., & Pras, A. (2018). IoT-Botnet betection and isolation by access routers. In Proceedings of the 2018 9th international conference on the network of the future, NOF 2018 (pp. 88–95). https://doi.org/10.1109/NOF.2018.8598138.
Doshi, R., Apthorpe, N., & Feamster, N. (2018). Machine learning DDoS detection for consumer internet of things devices. In Proceedings - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018, (MI) (pp. 29–35). https://doi.org/10.1109/SPW.2018.00013.
Farooq, M. J., & Zhu, Q. (2019). Modeling, analysis, and mitigation of dynamic botnet formation in wireless IoT networks. IEEE Transactions on Information Forensics and Security, 14(9), 2412–2426. https://doi.org/10.1109/TIFS.2019.2898817.
Gardner M. T., Beard C., Medhi D. (2017) Using SEIRS epidemic models for IoT botnets attacks. In: DRCN 2017-Design of Reliable Communication Networks; 13th International Conference. VDE, vol. 2017, pp. 62–69, 2017.
Geneiatakis D., Kounelis I., Neisse R., Nai-fovino I., Steri G., Baldini G. (2017) Security and Privacy Issues for an IoT based Smart Home. In: 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). IEEE, pp. 1292–1297, 2017.
Giachoudis, N., Damiris, G.-P., Theodoridis, G., & Spathoulas, G. (2019). Collaborative agent-based detection of DDoS IoT botnets. In 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS) (pp. 205–211). https://doi.org/10.1109/dcoss.2019.00055.
Giri, R. (2019). Influence of selected factors in journals’ citations. Aslib Journal of Information Management , 71(1), 90–104.
Gopal, T. S., Meerolla, M., Jyostna, G., Reddy Lakshmi Eswari, P., & Magesh, E. (2018). Mitigating Mirai Malware Spreading in IoT Environment. In 2018 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2018 (pp. 2226–2230). https://doi.org/10.1109/ICACCI.2018.8554643.
Gurulakshmi, K., & Nesarani, A. (2018). Analysis of IoT Bots Against DDOS Attack Using Machine Learning Algorithm. In Proceedings of the 2nd International Conference on Trends in Electronics and Informatics, ICOEI 2018, (Icoei) (pp. 1052–1057). https://doi.org/10.1109/ICOEI.2018.8553896.
Habibi, J., Midi, D., Mudgerikar, A., & Bertino, E. (2017). Heimdall: Mitigating the internet of insecure things. IEEE Internet Things Journal, 4(4), 968–978.
Hachinyan, O., Khorina, A., & Zapechnikov, S. (2018). A game-theoretic technique for securing IoT devices against Mirai botnet. In Proceedings of the 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering, ElConRus 2018, 2018-Janua (pp. 1500–1503). https://doi.org/10.1109/EIConRus.2018.8317382.
Hallman, R., Bryan, J., Palavicini, G., Divita, J., & Romero-mariona, J. (2017). IoDDoS- the internet of distributed denial of service attacks a case study of the mirai malware and IoT-based botnets, (IoTBDS) (pp. 978–989). https://doi.org/10.5220/0006246600470058.
Hasan, M., Islam, M., Zarif, I. I., & Hashem, M. M. A. (2019). Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches. Internet of Things, 7, 100059.
Hatzivasilis, G., Soultatos, O., Chatziadam, P., Fysarakis, K., Askoxylakis, I., Ioannidis, S., Alaxandris, G., Katos, V., & Spanoudakis, G. (2019). WARDOG: Awareness detection watchbog for Botnet infection on the host device. IEEE Transactions on Sustainable Computing, 3782(c), 1–1. https://doi.org/10.1109/tsusc.2019.2914917.
Indre, I., & Lemnaru, C. (2016). Detection and prevention system against cyber attacks and botnet malware for information systems and Internet of Things. In Proceedings - 2016 IEEE 12th International Conference on Intelligent Computer Communication and Processing, ICCP 2016 (pp. 175–182). https://doi.org/10.1109/ICCP.2016.7737142.
James, K. L., Randall, N. P., & Haddaway, N. R. (2016). A methodology for systematic mapping in environmental sciences. Environment Evidence, 5(1), 1–13.
Jerkins J. A. (2017). Motivating a market or regulatory solution to IoT insecurity with the Mirai botnet code. In 2017 IEEE 7th annual computing and communication workshop and conference (CCWC) 2017 (pp. 1–5). https://doi.org/10.1109/CCWC.2017.7868464.
Ji, Y., Yao, L., Liu, S., Yao, H., Ye, Q., & Wang, R. (2018). The Study on the Botnet and its Prevention Policies in the Internet of Things. In Proceedings of the 2018 IEEE 22nd International Conference on Computer Supported Cooperative Work in Design, CSCWD 2018 (pp. 654–659). https://doi.org/10.1109/CSCWD.2018.8465280.
Jurca G., Hellmann T. D., Maurer F. (2014) Integrating agile and user-centered design: A systematic mapping and review of evaluation and validation studies of agile-UX. In: 2014 Agile Conference, pp. 24–32, 2014.
Kasurinen, J., & Knutas, A. (2018). Publication trends in gamification: A systematic mapping study. Computer Science Review, 27, 33–44.
Kitchenham, B., Brereton, O. P., Budgen, D., Turner, M., Bailey, J., & Linkman, S. (2009). Systematic literature reviews in software engineering – A systematic literature review. Information and Software Technology, 51(1), 7–15.
Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J. (2017). DDoS in the IoT: Mirai and other botnets. Computer, 50(7), 80–84. https://doi.org/10.1109/MC.2017.201.
Koroniotis, N., Moustafa, N., & Sitnikova, E. (2018). Towards developing network forensic mechanism for botnet activities in the IoT based on machine learning techniques. Cham: Springer International Publishing. https://doi.org/10.1007/978-3-319-90775-8.
Koroniotis, N., Moustafa, N., & Sitnikova, E. (2019b). Forensics and deep learning mechanisms for botnets in internet of things: A survey of challenges and solutions. IEEE Access, 7, 61764–61785.
Koroniotis, N., Moustafa, N., Sitnikova, E., & Turnbull, B. (2019a). Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-IoT dataset. Future Generation Computer Systems, 100, 779–796. https://doi.org/10.1016/j.future.2019.05.041.
Kumar, A. (2019). A secure contained testbed for analyzing IoT botnets. Cham: Springer International Publishing. https://doi.org/10.1007/978-3-030-12971-2.
Kumar A., & Lim T. J. (2019). EDIMA: Early detection of IoT malware network activity using machine learning techniques. In 2019 IEEE 5th World Forum Internet Things (WF-IoT) (pp. 289–294). https://doi.org/10.1109/wf-iot.2019.8767194.
Li, W., Jin, J., & Lee, J.-H. (2019). Analysis of Botnet Domain Names for IoT Cybersecurity. IEEE Access, 7, 94658–94665. https://doi.org/10.1109/access.2019.2927355.
Margolis J., Oh T. T., Jadhav S., Kim Y. H., Kim J. N. (2018) An in-depth analysis of the mirai botnet. In: 2017 International Conference on Software Security and Assurance (ICSSA), pp. 6–12.
Marzano A., Alexander, D., Fonseca, O., Fazzion, E., Hoepers, C., Steding-Jessen, K., Chaves, H. P. C. M., Cunha, I., Guedes, D., & Meira, W. (2018). The evolution of bashlite and mirai IoT botnets. In: Proceedings - IEEE Symposium on Computers and Communications, 2018-June (pp. 813–818). https://doi.org/10.1109/ISCC.2018.8538636.
McDermott, C. D., Isaacs, J. P., & Petrovski, A. V. (2019). Evaluating awareness and perception of botnet activity within consumer internet-of-things (IoT) networks. Informatics, 6(1), 8.
McDermott C. D., Majdani F., & Petrovski A. V. (2018a). Botnet Detection in the Internet of Things using Deep Learning Approaches. In 2018 international joint conference on neural networks (pp. 1–8).
McDermott C. D., Petrovski A. V., & Majdani F. (2018b). Towards situational awareness of botnet activity in the internet of things. In 2018 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2018 (pp. 1–8). https://doi.org/10.1109/CyberSA.2018.8551408.
Medaglia, C. M., & Serbanati, A. (2010). An overview of privacy and security issues in the internet of things. In The Internet of Things. New York: Springer. https://doi.org/10.1007/978-1-4419-1674-7.
Meidan, Y., Bohadana, M., Mathov, Y., Mirsky, Y., Shabtai, A., Breitenbacher, D., & Elovici, Y. (2018). N-BaIoT-Network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing, 17(3), 12–22. https://doi.org/10.1109/MPRV.2018.03367731.
Nguyen H. T., Ngo Q. D., & Le V. H. (2018). IoT botnet detection approach based on PSI graph and DGCNN classifier. In: 2018 IEEE International Conference on Information Communication and Signal Processing, ICICSP 2018, (Icsp) (pp. 118–122). https://doi.org/10.1109/ICICSP.2018.8549713.
Nomm S., Bahsi H. (2019) Unsupervised Anomaly Based Botnet Detection in IoT Networks. In: 2018 17th IEEE International Conference on Machine Learning and Applications (ICMLA). IEEE. pp. 1048–1053.
Oliveri, A., & Lauria, F. (2019). Sagishi: An undercover software agent for infiltrating IoT botnets. Network Security, 2019(1), 9–14.
Ozcelik M., Chalabianloo N., Gur G. (2017) Software-Defined Edge Defense Against IoT-Based DDoS. In: 2017 IEEE International Conference on Computer and Information Technology (CIT). IEEE, 2017. pp. 308–313.
Petersen K., Feldt R., MujtabaS., Mattsson M. (2008) Systematic mapping studies in software engineering. In: 12th International Conference on Evaluation and Assessment in Software Engineering, pp. 1–10, 2008.
Petersen, K., Vakkalanka, S., & Kuzniarz, L. (2015). Guidelines for conducting systematic mapping studies in software engineering : An update. Information and Software Technology, 64, 1–18.
Proano J. P. Z., Villamar V. C. P. (2018) Systematic mapping study of literature on educational data mining to determine factors that affect school performance. In: 2018 International Conference on Information Systems and Computer Science (INCISCOS). pp. 239–245.
Rasheed, R. A., Kamsin, A., Abdullah, N. A., Zakari, A., & Haruna, K. (2019). A systematic mapping study of the empirical MOOC literature. IEEE Access, 7, 124809–124827.
Rathore, S., & Park, J. H. (2018). Semi-supervised learning based distributed attack detection framework for IoT. Applied Soft Computing , 72, 79–89.
Remillano II A., (2019) ThinkPHP Vulnerability Abused by Botnets Hakai and Yowaie. [Online]. Available: https://blog.trendmicro.com/trendlabs-security-intelligence/thinkphp-vulnerability-abused-by-botnets-hakai-and-yowai/. [Accessed: 25-Jan-2019].
Sagirlar G., Carminati D., & Ferrari E. (2018). AutoBotCatcher: Blockchain-based P2P botnet detection for the internet of things. In Proceedings - 4th IEEE International Conference on Collaboration and Internet Computing, CIC 2018, (pp. 1–8). https://doi.org/10.1109/CIC.2018.00-46.
Sajjad S. M., & Yousaf M. (2018). UCAM: Usage, Communication and Access Monitoring Based Detection System for IoT Botnets. In Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018 (pp. 1547–1550). https://doi.org/10.1109/TrustCom/BigDataSE.2018.00221.
Shafi Q. A., & Basit A. (2019). DDoS botnet prevention using blockchain in software defined internet of things. In Proceedings of 2019 16th International Bhurban Conference on Applied Sciences and Technology, IBCAST 2019 (pp. 624–628). https://doi.org/10.1109/IBCAST.2019.8667147.
Shah, T., & Venkatesan, S. (2019). A Method to Secure IoT devices against botnet attacks. Cham: Springer International Publishing. https://doi.org/10.1007/978-3-030-23357-0.
Shahrokni, A., & Feldt, R. (2013). A systematic review of software robustness. Information and Software Technology, 55(1), 1–17.
Sinanovic, H., & Mrdovic, S. (2017). Analysis of Mirai malicious software. In 25th International Conference on Software, Telecommunications and Computer Networks, SoftCOM 2017. https://doi.org/10.23919/SOFTCOM.2017.8115504.
Spaulding, J., Park, J., Kim, J., & Nyang, D. (2018). Thriving on chaos : Proactive detection of command and control domains in internet of things-scale botnets using DRIFT. Transactions on Emerging Telecommunications Technologies, 30(4), 1–17.
Spaulding, J., Park, J., Kim, J., Nyang, D. H., & Mohaisen, A. (2019). Thriving on chaos: Proactive detection of command and control domains in internet of things-scale botnets using DRIFT. Transactions on Emerging Telecommunications Technologies, 30(4), 1–17. https://doi.org/10.1002/ett.3505.
Su, J., Danilo Vasconcellos, V., Prasad, S., Daniele, S., Feng, Y., & Sakurai, K. (2018). Lightweight classification of IoT malware based on image recognition. In 2018 IEEE 42Nd annual computer software and applications conference (Vol. 2, pp. 664–669). https://doi.org/10.1109/COMPSAC.2018.10315.
Sven, N., Benedetto, F., & Torre, L. (2018). Dimensionality reduction for machine learning based IoT botnet detection (pp. 1857–1862).
Tzagkarakis C., Petroulakis N., Ioannidis S. (2019) Botnet attack detection at the IoT edge based on sparse representation. In 2019 Global. IoT Summit (pp. 1–6).
Vlajic, N., & Zhou, D. (2018). IoT as a land of opportunity for DDoS hackers. Computer, 51(7), 26–34. https://doi.org/10.1109/MC.2018.3011046.
Wainwright P. Kettani H. (2019) An analysis of botnet models. Proceedings of the 2019 3rd International Conference on Compute and Data Analysis (pp. 116–121).
Wildani, I. M., & Yulita, I. N. (2019). Classifying botnet attack on internet of things device using random forest. In IOP Conference Series: Earth and Environmental Science (Vol. 248, pp. 6). https://doi.org/10.1088/1755-1315/248/1/012002.
Xu Y., Koide H., Vargas D. V., & Sakurai K. (2018). Tracing MIRAI malware in networked system. In Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018 (pp. 534–538). https://doi.org/10.1109/CANDARW.2018.00104.
Yin, L., Luo, X., Zhu, C., Wang, L., Xu, Z., & Lu, H. (2019). ConnSpoiler: Disrupting C&C communication of IoT-based botnet through fast detection of anomalous domain queries. IEEE Transactions on Industrial Informatics. https://doi.org/10.1109/tii.2019.2940742.
Zakari, A., Lee, S. P., Alam, K. A., & Ahmad, R. (2018). Software fault localization: A systematic mapping study. IET Software, 13(1), 2–22.
Zein, S., Salleh, N., & Grundy, J. (2016). The journal of systems and software A systematic mapping study of mobile application testing techniques. Journal of Systems and Software, 117, 334–356.
Acknowledgement
This work is supported by Partnership Grant RK004-2017 and Faculty Grant GPF004D-2019 University of Malaya.
Author information
Authors and Affiliations
Corresponding authors
Appendix
Rights and permissions
About this article
Cite this article
Hamid, H., Noor, R.M., Omar, S.N. et al. IoT-based botnet attacks systematic mapping study of literature. Scientometrics 126, 2759–2800 (2021). https://doi.org/10.1007/s11192-020-03819-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11192-020-03819-5