Mirai botnet attack detection in low-scale network traffic

Abstract

The Internet of Things (IoT) has aided in the development of new products and services. Due to the heterogeneity of IoT items and networks, traditional techniques cannot identify network risks. Rule-based solutions make it challenging to secure andmanage IoT devices and services due to their diversity. While the use of artificial intelligence eliminates the need to define rules, the training and retraining processes require additional processing power. This study proposes a methodology for analyzing constrained devices in IoT environments. We examined the relationship between different sized samples from the Kitsune dataset to simulate the Mirai attack on IoT devices. The training and retraining stages for the Mirai attack were also evaluated for accuracy. Various approaches are evaluated in smaller sample sizes to minimize training time on low-resource devices. Cross-validation was used to avoid overfitting classification methods during the learning process. We used the Bootstrapping technique to generate 1000, 10000, and 100000 samples to examine the performance metrics of different-sized variations of the dataset. In this study, we demonstrated that a sample size of 10000 is sufficient for 99,56% accuracy and learning in the detection of Mirai attacks in IoT devices.