Lightweight Meta-Learning BotNet Attack Detection

Modern society is increasingly dependent on numerous Internet of Things (IoT) devices to assist in a variety of scenarios, such as smart homes and cities, healthcare systems, and cyber-physical systems. Despite IoT's increasing popularity, IoT security remains a challenge due to the multitude of attack vectors. Existing cyber-attack defense methods attempt to protect the network from both within and outside the network. Network intrusion detection systems (NIDSs) act as device borders within network security and offer a potential defense methodology. This research analyzes the performance of an Artificial Intelligent Internet of Things (AIoT) lightweight botnet attack detection model by deploying meta-learning ensemble botnet detection models and evaluates the capability of a single-board system in addressing cyber-attack threats. The Aposemat IoT-23 [1], UC Irvine KDD99 [2], and UNSW TON [3] data sets provide IoT and network traffic network flow captures which are used to evaluate the proposed meta-learning methodologies. Experiments show that deployment of our proposed methodologies on edge devices exhibits similar results to PC-based Desktop CPU-trained models. Over the three data sets, when considering a binary classifier (benign versus malignant), our models can consistently achieve above 97.9% accuracy with a false positive rate (FPR) less than 3.8% and an inference time less than 3.95 s. In this work, we show that for binary classification our meta-learners provide consistently stable high accuracy low FPR performance across all three data sets, while maintaining reasonable inference times.

Automated summary

Modern society heavily relies on IoT devices, but IoT security remains a challenge. Existing network intrusion detection systems play a role in protecting network security. This research evaluates the capability of a single-board system in addressing cyber-attack threats by deploying meta-learning ensemble botnet detection models.