
A comparative study of the performance of machine learning algorithms to detect malicious traffic in IoT networks

  • Hyun, Mi-Jin (Division of Mathematics, Science, and Computers, Kyungnam University)
  • Received : 2021.08.11
  • Reviewed : 2021.09.20
  • Published : 2021.09.28

Abstract

The IoT is growing explosively thanks to advances in technology, the spread of IoT devices, and the activation of services, but the activities of various botnets have recently been causing serious security risks and financial damage. It is therefore important to detect botnet activity accurately and quickly. Because security in an IoT environment must operate with minimal processing power and memory, this paper selects a minimal set of features for detection and compares how well machine learning algorithms such as KNN (K-Nearest Neighbor), Naïve Bayes, Decision Tree, and Random Forest detect botnet activity. Experimental results using the Bot-IoT dataset showed that, among the machine learning algorithms applied, KNN can detect DDoS, DoS, and Reconnaissance attacks most effectively and efficiently.

Keywords

Funding Information

This work was supported by Kyungnam University Foundation Grant in 2020.
