A Federated Learning based Botnet Detection Method for Industrial Internet of Things
Authors: 
Hao Zhou, Zhiwei ShengAuthors Info & Claims
Pages 282 - 288
Abstract
Botnets in the Industrial Internet of Things (IIoT) significantly threaten system security. Currently, mainstream machine learning-based botnet detection techniques rely on centralized large-scale data training; however, this approach neglects privacy protection and data security issues. In addition, the complexity and heterogeneity of IIoT make the detection model unable to adapt to different industrial enterprises. In this paper, we propose a federated learning-based botnet detection approach for IIoT, where multiple heterogeneous industrial enterprises can train models using local data under the remote coordination of a centralized server, and then upload the model parameters to the central server to complete the aggregation. This approach allows the botnet detection model to better adapt to the local environment while avoiding sharing raw data. Meanwhile, the method is robust to federated learning poisoning attacks. In this paper, we have conducted tests using the N-BaIoT dataset. Our method achieves 99.63% of the F1 value and 99.26% of the MCC value on a new device that is not involved in the training. The detection performance is almost comparable to that of the centrally trained method, and outperforms other similar methods.
References
[1]
Li Da Xu, Wu He, and Shancang Li. 2014. Internet of things in industries: A survey. IEEE Transactions on industrial informatics 10, 4 (2014), 2233–2243.
[2]
Rajesh Kumar, Rohan Kela, Siddhant Singh, and Rolando Trujillo-Rasua. 2022. APT attacks on industrial control systems: A tale of three incidents. International Journal of Critical Infrastructure Protection 37, (2022), 100521.
[3]
Ihsan Ali, Abdelmuttlib Ibrahim Abdalla Ahmed, Ahmad Almogren, Muhammad Ahsan Raza, Syed Attique Shah, Anwar Khan, and Abdullah Gani. 2020. Systematic literature review on IoT-based botnet attack. IEEE Access 8, (2020), 212220–212232.
[4]
Hanli Qiao, Boris Novikov, and Jan Olaf Blech. 2021. Concept drift analysis by dynamic residual projection for effectively detecting botnet cyber-attacks in IoT scenarios. IEEE Transactions on Industrial Informatics 18, 6 (2021), 3692–3701.
[5]
Baotong Chen, Jiafu Wan, Yanting Lan, Muhammad Imran, Di Li, and Nadra Guizani. 2019. Improving cognitive ability of edge intelligent IIoT through machine learning. IEEE network 33, 5 (2019), 61–67.
[6]
Brendan McMahan, Eider Moore, Daniel Ramage, Seth Hampson, and Blaise Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics, PMLR, 1273–1282.
[7]
Arjun Nitin Bhagoji, Supriyo Chakraborty, Prateek Mittal, and Seraphin Calo. 2019. Analyzing federated learning through an adversarial lens. In International Conference on Machine Learning, PMLR, 634–643.
[8]
Yair Meidan, Michael Bohadana, Yael Mathov, Yisroel Mirsky, Asaf Shabtai, Dominik Breitenbacher, and Yuval Elovici. 2018. N-baiot—network-based detection of iot botnet attacks using deep autoencoders. IEEE Pervasive Computing 17, 3 (2018), 12–22.
[9]
Thien Duc Nguyen, Samuel Marchal, Markus Miettinen, Hossein Fereidooni, N Asokan, and Ahmad-Reza Sadeghi. 2019. DÏoT: A federated self-learning anomaly detection system for IoT. In 2019 IEEE 39th International conference on distributed computing systems (ICDCS), IEEE, 756–767.
[10]
Valerian Rey, Pedro Miguel Sánchez Sánchez, Alberto Huertas Celdrán, and Gérôme Bovet. 2022. Federated learning for malware detection in IoT devices. Computer Networks 204, (2022), 108693.
[11]
Ruijie Zhao, Yijun Wang, Zhi Xue, Tomoaki Ohtsuki, Bamidele Adebisi, and Guan Gui. 2022. Semi-supervised federated learning based intrusion detection method for internet of things. IEEE Internet of Things Journal (2022).
[12]
Segun I Popoola, Ruth Ande, Bamidele Adebisi, Guan Gui, Mohammad Hammoudeh, and Olamide Jogunola. 2021. Federated deep learning for zero-day botnet attack detection in IoT-edge devices. IEEE Internet of Things Journal 9, 5 (2021), 3930–3944.
[13]
Jianhua Li, Lingjuan Lyu, Ximeng Liu, Xuyun Zhang, and Xixiang Lyu. 2021. FLEAM: A federated learning empowered architecture to mitigate DDoS in industrial IoT. IEEE Transactions on Industrial Informatics 18, 6 (2021), 4059–4068.
[14]
Andrew G Howard, Menglong Zhu, Bo Chen, Dmitry Kalenichenko, Weijun Wang, Tobias Weyand, Marco Andreetto, and Hartwig Adam. 2017. Mobilenets: Efficient convolutional neural networks for mobile vision applications. arXiv preprint arXiv:1704.04861 (2017).
[15]
Hongyi Wang, Kartik Sreenivasan, Shashank Rajput, Harit Vishwakarma, Saurabh Agarwal, Jy-yong Sohn, Kangwook Lee, and Dimitris Papailiopoulos. 2020. Attack of the tails: Yes, you really can backdoor federated learning. Advances in Neural Information Processing Systems 33, (2020), 16070–16084.
[16]
Xingchen Zhou, Ming Xu, Yiming Wu, and Ning Zheng. 2021. Deep model poisoning attack on federated learning. Future Internet 13, 3 (2021), 73.
[17]
Segun I Popoola, Bamidele Adebisi, Mohammad Hammoudeh, Guan Gui, and Haris Gacanin. 2020. Hybrid deep learning for botnet attack detection in the internet-of-things networks. IEEE Internet of Things Journal 8, 6 (2020), 4944–4956.
Index Terms
- A Federated Learning based Botnet Detection Method for Industrial Internet of Things
Index terms have been assigned to the content through auto-classification.
Recommendations
Collaborative Botnet Detection in Heterogeneous Devices of Internet of Things using Federated Deep Learning
ICSCA '24: Proceedings of the 2024 13th International Conference on Software and Computer ApplicationsThis research introduces a pioneering approach, termed Hierarchical Collaborative Botnet Detection, leveraging Federated Deep Learning to address the escalating security concerns within the Internet of Things (IoT) ecosystems characterized by ...
Collaborative device-level botnet detection for internet of things
Highlights- A review of the state-of-the-art device-level intrusion detection approaches.
- A detailed analysis of existing botnet datasets and their features to support evaluation of IDS.
- A novel trustworthy botnet detection framework for ...
AbstractCyber attacks on the Internet of Things (IoT) have seen a significant increase in recent years. This is primarily due to the widespread adoption and prevalence of IoT within domestic and critical national infrastructures, as well as inherent ...
Honeypot detection in advanced botnet attacks
Botnets have become one of the major attacks in the internet today due to their illicit profitable financial gain. Meanwhile, honeypots have been successfully deployed in many computer security defence systems. Since honeypots set up by security ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
September 2023
370 pages
ISBN:9798400708800
DOI:10.1145/3617184
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 28 December 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- The National Key Research and Development Plan of China, Key Project of Cyberspace Security Governance
- The Key Research and Development Project of Sichuan Province
Conference
ICCSIE 2023
ICCSIE 2023: 8th International Conference on Cyber Security and Information Engineering
September 22 - 24, 2023
Putrajaya, Malaysia
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 64Total Downloads
- Downloads (Last 12 months)63
- Downloads (Last 6 weeks)6
Reflects downloads up to 31 Dec 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format