A Cohesive and Semantic Consistency of for Bot Attack on IoT and IIoTPlatforms
0 likes10 views
This document presents a literature review on bot attack detection methods for IoT and IIoT platforms. It discusses the existing challenges with machine learning approaches for detecting botnet traffic, including poor feature selection leading to misclassification. The proposed system aims to analyze network traffic characteristics to identify bot signatures using an apriori algorithm. It describes modules for data analysis, model training, and concludes future work could incorporate a secure shell module to simulate multiple IoT devices within a honeynet for detecting SSH attacks. The key advantages of the proposed system include fast performance, scalability, robustness to variations, and improved prediction accuracy while ensuring explainability.
A Cohesive and Semantic Consistency of for Bot Attack on IoT and IIoTPlatforms
- 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 04 | Apr 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 3125 A Cohesive and Semantic Consistency of for Bot Attack on IoT and IIoTPlatforms K Srilekha 1 , Panta Saisathvik Reddy2 , Vippala Nagendra Reddy3 , Kavuluru Venkata Bharadwaj4 1 Assistant Professor, SRM Institute of Science and Technology, Chennai, Ramapuram. 2,3,4 UG Scholars, SRM Institute of Science and Technology, Chennai, Ramapuram ----------------------------------------------------------------------***------------------------------------------------------------------ Abstract - The rationale behind network traffic analysis is that bots inside a botnet often exhibit consistent traffic behavior and show distinct communications behavior. These behaviors may be defined and characterized using a set of characteristics that separate them from non-malicious traffic and tactics. Because traffic analysis does not rely on packet content, it is unaffected by encryption. Many people are unaware if their gadgets are becoming bots or not. Malicious bots cause numerous security incidents. To address this issue, we suggest a bot detection monitoring system comprised of IoT sensors. The IoT solutions are built on low-cost devices and wireless communication to link and drive mobile data to the Unified system. This study focuses on crucial IoT safety issues, with a particular emphasis on cybercrime and counterattacks. Because of a lack of safety mechanisms in IoT expedients, many IoT expedients have been a target of cyber-attacks. This article examines the safety requirements such as secrecy, unity, substantiation. Key Words: botnet, non-malicious traffic, encryption, malicious bots, Unified system, cybercrimes, substantiation. 1. INTRODUCTION Bots are used to do operations that need no human participation, such as scanning website content, testing stolen credit card information, and giving customer care help. A bot attack is the use of automated web requests to manipulate, defraud, or disrupt a website, application, API, or end-users. IoT and IIoT operate in the same manner. They both link gadgets to the internet and enhance their intelligence. IIoT works to improve the safety and efficiency of manufacturing facilities. IoT is B2C (business-to- consumer), whereas IIoT is B2B (business-to-business) (business-to-business). Honeypots are a form of deception technique that helps you to study the patterns of attacker activity. Honeypots can be used by security teams to investigate cybersecurity breaches and gather intelligence on how fraudsters operate. 2. EXISTING SYSTEM Network congestion in IoT networks may be avoided by detecting irregularities and malicious activity in IoT networks. Machine learning approaches have been used by a number of academics to achieve this goal. Some ml algorithms, on the other hand, maybe exploited by using poor selection characteristics. There is misclassification of the vast majority of harmful traffic movements. The selection of appealing qualities for reliable pest recognition, on the other hand, is an essential problem that requires additional exploration in IoT networks, and traffic detection. A new framework model is provided to overcome the problem. CorrAUC, a new adaptive metric, is introduced, accompanied by the analysis and innovation of Corrauc, a classification approach based on CorrAUC. Be using a wrap technique to choose features. By using AUC measure, positively detect and choose actual features for the chosen ML algorithm. Our next step is to assess IoT data traffic using the TOPSIS goal and mixture, as well as the Shannon Entropy software package. The BotIoT datasets and a variety of ml approaches were used to test our proposed solution. Prior studies have shown that our suggested method is effective, with an aggregate score of roughly 96%. IoT security requires the detection and prevention of potentially harmful traffic flows in the network. The Internet of Things (IoT) is plagued by fraudulent traffic flows that may be prevented using a variety of machine learning techniques. Nonetheless, a number of ML models are excessively misrepresenting harmful traffic patterns because of a lack of attention to detail. For this reason, additional research is needed on identifying attractive qualities to consistently identify false traffic in IoT networks. Despite this, additional research is needed to identify attractive qualities in IoT networks that can successfully detect fake traffic. 2.1. DRAWBACKS Approach is a bit time-consuming. Inaccurate models lead to systems that under- or over-perform. The annotation inaccuracy due to the subjectivity of human perception. Computational cost in training the model is high.
- 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 04 | Apr 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 3126 Can’t learn relation between factors. Difficult and Less Commonly used. Tedious message updating. 3. PROPOSED SYSTEM This article will shed further insight into the Mirai virus to improve identification and prevention. This virus has been utilized in several high-profile DDoS operations in recent months. Mirai is a tool that can build and administer an Internet of Things botnet. This malware's code is dissected, and its components are described. Mirai's dynamic analysis virtual environment is constructed. The unique configurations needed to install, run, and operate Mirai in this context are detailed. The user environment of Mirai is provided, along with a command list. A controlled DDoS assault was carried out successfully. Traffic from controlled assaults was utilized to build a signature to detect Mirai. This study offers a honeypot for detecting and reporting telnet assaults on Internet of Things (IoT) devices. Manual and Mirai-based assaults are used in the honeypot. A multi-component architecture is deployed to obtain appropriate exposure to malicious traffic while simultaneously assuring acquired data security. It may be used to quickly detect a bot, especially when the bots' behavior is dynamic or polymorphic. The most important feature is that the detection system may not require prior knowledge of harmful signatures and profiles. In this study, we suggest analyzing network traffic characteristics to obtain essential evidence for bot trails. After that, we employ an apriori algorithm to evaluate these pieces of information and then use it to discover bots. 3.1. Advantages of Proposed System It is a fast and easy procedure to perform. Scale to incredible model quickly, easily, and cheaply. Tolerates Variations. Effectively improve prediction accuracy. Trustworthy and reliable, which refers to obtain explainability. Easy scalability. 3.2. Scope We've started constantly working to investigate the Mirai virus in order to be able to detect and neutralise it as effectively as possible. In recent months, a virus of this kind has been used in a number of large-scale distributed denial-of-service attacks. Mirai is often used to create and administer botnets of Internet of Things devices. The code of this malware has been disassembled, and the components of the malware have been described. It is Mirai's dynamic analysis that is carried out in a simulated space. 4. LITERATURE SURVEY S. N O TITLE AUTHO R NAMES YEA R DRAWBACKS 1 An Edge Traffic Flow Detection Scheme Based on Deep Learning in an Intelligent Transportation System Chen Chen , Bin Liu , Shaohua Wan , Peng Qiao and Qingqi Pei. 202 1 This system is Opportunistic and uncontrollable, Maximizes the complexity of the problem, Computationally intensive and require relatively large memory space. 2 An Algorithm for Detection of Traffic Attribute Exceptions Based on Cluster Algorithm in Industrial Internet of Things. Lidon g Fu , Wenbo Zhang , Xiaobo Tan and Hongbo Zhu. 202 1 Maximizes the complexity of the problem, Very calculation intensive while training the model, Solutions have been proved ineffective. 3 A Cascaded R-CNN With Multiscale Attention and Imbalanced Samples for Traffic Sign Detection. Jianm ing Zhang , Zhipeng Xie , Juan Sun , Xin Zou and Jin Wang 202 0 Unstable and difficult to train, Cannot be implemented real time, High complexity, inaccuracy, and inadequacy. 4 Lane Detection of Curving Road for Structural Highway With Straight-Curve Model on Vision. Huife ng Wang , Yunfei Wang , Xiangmo Zhao , Guiping Wang , He Huang and Jiajia Zhang. 201 9 Difficulties to obtain better performance, Approach is a bit time-consuming, Cannot exploit the new feature space. 5 An Embedded Computer- Vision System for Multi-Object Detection in Traffic Surveillance Ala Mhalla , Thierry Chateau , Sami Gazzah and Najoua Essoukri Ben Amara. 201 9 Complexity of its Real Time Implementation, Additional configuration is required, Computationally intensive and require relatively large memory space.
- 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 04 | Apr 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 3127 5. PROJECT MODULES 5.1. Data Analysis You must first establish a relationship with the data before modelling it and testing your hypotheses. Spending time summarizing, plotting, and reviewing actual real-world data from the domain can help you build this relationship—this method of analyzing data before modelling is known as analyzing exploratory data. The crucial process of doing early data investigations to uncover patterns, detect anomalies, test hypotheses, and confirm assumptions using summary statistics and graphical representations are referred to as exploratory data analysis. Spending time with the data upfront helps you establish an intuitive understanding of the data formats, values, and connections, which may later be utilized to explain observations and modelling findings. Because you are playing with your knowledge of the data, building an intuition for how the underlying process that produced it works, and creating questions and ideas to utilize as the foundation for your modelling, it is termed exploratory data analysis. 5.2. Data Analysis You must first establish a relationship with the data before modelling it and testing your hypotheses. Spending time summarizing, plotting, and reviewing actual real-world data from the domain can help you build this relationship—this method of analyzing data before modelling is known as analyzing exploratory data. The crucial process of doing early data investigations to uncover patterns, detect anomalies, test hypotheses, and confirm assumptions using summary statistics and graphical representations are referred to as exploratory data analysis. Spending time with the data upfront helps you establish an intuitive understanding of the data formats, values, and connections, which may later be utilized to explain observations and modelling findings. Because you are playing with your knowledge of the data, building an intuition for how the underlying process that produced it works, and creating questions and ideas to utilize as the foundation for your modelling, it is termed exploratory data analysis. 5.3. Model Training Ml algorithms are taught through information. They use the training data to form associations, gain knowledge, make decisions, and assess their confidence. Furthermore, as the training data improves, so does the model. Algorithms learn by analyzing data. They use the training data to form associations, gain knowledge, make decisions, and assess their confidence. Moreover, when the categorization model evolves, so does the model itself, and vice versa. While the kind and efficacy of your data sets are important factors in determining the overall success of your data project, they are not as important as the algorithms themselves. The modelling strategy is comprised of the acquisition of training datasets and the application of the ML algorithm. In addition to an example end result, it includes a linked collection of raw data that has an impact on the outcomes. A strategy is applied to the input data by the learning method in order to link the processed output with the sample results obtained. The association analysis is used to fine-tune the model, and it is described in detail below. Model fitting is the term used to describe this type of repetition. The correctness of the training and testing sets is what determines the model's functionality. The learning algorithm in computer language delivers data to a machine learning algorithm, which may then be used to identify and learn acceptable values for all of the characteristics that are being trained. The training set in computer language is described here. There are several distinct based on machine learning models, the most prominent of which are supervised learning models and unsupervised learning models, which are the more prevalent. Hardware Requirements Processor: Minimum i3 Dual Core Ethernet connection (LAN) OR a wireless adapter (Wi- Fi) Hard Drive: Minimum 100 GB; Recommended 200 GB or more Memory (RAM) : Minimum 8 GB; Recommended 32 GB or above Software Requirements Python Anaconda Jupyter Notebook TensorFlow 6. CONCLUSION The IoT is the latest research topic, and Security issues are also more effective. This research paper focused on the devices that updated their manufacturers do not support, which might not be available for those. Another challenge to IoT safety is to approve that signal across the web link between expedients and veil services or apps are protected. Encoding the message cannot be done by many IoT devices until they are sent over the network. 7. FUTURE WORK The next stage in the project would be to include a Secure Shell module to cope with Secure Shell-specific assaults and turn our honeypot into a honeynet that could simulate several IoT devices at once.
- 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 04 | Apr 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 3128 REFERENCES 1. Muhammad Shafiq, Zhihong Tian, Ali Kashif Bashir, Xiaojiang Du and Mohsen Guizani, “CorrAUC: a Malicious Bot-IoT Traffic Detection Method in IoT Network Using Machine Learning Techniques.”, IEEE Internet of Things Journal, 2020. 2. J. Qiu, Z. Tian, C. Du, Q. Zuo, S. Su, and B. Fang, "A survey on access control in the age of internet of things," IEEE Internet of Things Journal, 2020. 3. J. P. Anderson, "Computer security threat monitoring and surveillance, 1980. last accessed: November 30, 2008." software engineering, no. 2, pp. 222232, 1987. 4. L. Wu, X. Du, W. Wang, and B. Lin, "An out-of-band authentication scheme for internet of things using blockchain technology," in 2018 International Conference on Computing, Networking and Communications (ICNC). IEEE, 2018, pp. 769773. 5. Z. Tian, C. Luo, J. Qiu, X. Du, and M. Guizani, "A distributed deep learning system for web attack detection on edge devices," IEEE Transactions on Industrial Informatics, 2020. Vol 16(3): 1963-1971. 6. R. Xue, L. Wang, and J. Chen, "Using the iot to construct ubiquitous Mechanic Automation and Control Engineering. IEEE, 2011, pp. 7878 7880. 7. M. Shaq, X. Yu, A. A. Laghari, and D. Wang, "Effective feature se- lection for 5g in applications traffic classification," Mobile Information Systems, vol. 2017, 2017. 8. M. Dash and H. Liu, "Feature selection for classification," Intelligent data analysis, vol. 1, no. 1-4, pp. 131156, 1997. 9. M. Shaq, X. Yu, and A. A. Laghari, "We chat text messages service ow traffic classification using machine learning technique," in 2016 IEEE, 2016, pp. 15. 10. M. Shaq, Z. Tian, A. K. Bashir, X. Du, and M. Guizani, "Iot malicious traffic identification using wrapper-based feature selection mechanisms," Computers & Security, p. 101863, 2020. 11. M. Shaq, Z. Tian, A. K. Bashir, A. R. Jolfaei, and X. Yu, "Data mining and machine learning methods for sustainable smart cities traffic classification: A survey," Sustainable Cities and Society, 2020. 12. Z. Tian, S. Su, W. Shi, X. Du, M. Guizani, and X. Yu, "A data-driven method for future internet route decision modeling," Future Generation Computer Systems, vol. 95, pp. 212220, 2019. 13. Q. Wang, J. Wan, and Y. Yuan, "Locality constraint distance metric learning for traffic congestion detection," Pattern Recognit., vol. 75, pp. 272281, 2018. 14. X. Du and H.-H. Chen, "Security in wireless sensor networks," IEEE Wireless Communications, vol. 15, no. 4, pp. 6066, 2008. 15. Y. Meidan, M. Bohadana, Y. Mathov, Y. Mirsky, A. Shabtai, D. Breitenbacher, and Y. Elovici, "N-baiot AT network-based detection of iot botnet attacks using deep autoencoders," IEEE Pervasive Computing, vol. 17, no. 3, pp. 1222, 2018. 16. Q. Tan, Y. Gao, J. Shi, X. Wang, B. Fang, and Z. H. Tian, "Towards a comprehensive insight into the eclipse attacks of tor hidden services," IEEE Internet of Things Journal, 2019. vol. 6, no. 2, pp. 1584-1593, April. 17. Y. Zhu, C. Zhang, D. Zhou, X. Wang, X. Bai, and W. Liu, "Traffic sign detection and recognition using fully convolutional network guided proposals," Neurocomputing, vol. 214, pp. 758766, Nov. 2016. 18. C. Yao, X. Bai, N. Sang, X. Zhou, S. Zhou, and Z. Cao, "Scene text detection via holistic, multi-channel prediction," CoRR, vol. abs/1606.09002, 2016. 19. J. Greenhalgh and M. Mirmehdi, "Recognizing text- based traffic signs," IEEE Trans. Intel. Transp. Syst., vol. 16, no. 3, pp. 13601369, Jun. 2015. 20. A. Mogelmose, M. M. Trivedi, and T. B. Moeslund, "Vision-based traffic sign detection and analysis for intelligent driver assistance systems: Perspectives and survey," IEEE Trans. Intel. Transp. Syst., vol. 13, no. 4, pp.14841497, Dec. 2012 BIOGRAPHIES K SRILEKHA, An Assistant Professor in computer science and engineering at the SRM Institute of science and technology, Chennai. Panta Saisathvik Reddy, Pursuing B. Tech's in computer science and engineering at the SRM Institute of science and technology, Chennai, a Tech Passionate and Active Computer Science major Vippala Nagendra Reddy, Science and technology student at SRM University, Chennai, with a Bachelors' Degree in computer science and technology. He is an enthusiastic reader and an amateur data scientist who wants to produce new initiatives. Kavuluru Venkata Bharadwaj, Science and technology student at SRM University, Chennai, with a Bachelors' Degree in computer science and technology, a Tech Passionate and Active Computer Science major