Botnet attacks classification in AMI networks with recursive feature elimination (RFE) and machine learning algorithms

STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Escalation of privilege) in advance metering infrastructure (AMI) and cloud computing have been confronted with numerous botnet attacks within the IoT systems. Botmasters aid botnets in engineering their operations by changing the codes and updating the bots to continue to thwart the recent detection schemes. The study proposed AdKNN, a composition of k's nearest neighbour, an enhanced Adam's optimiser in this paper. The KNN in AdKNN is for the early detection of the botnet within the AMI networks, while the new Adam-based optimiser is responsible for optimising AdKNN. An extensive experiment has demonstrated that our model AdKNN is efficient and effective for botnet classification in AMI networks on the publicly available dataset for IoT-botnet detection evaluated on AMI network dataset compared to existing state-of-the-art (SOTA) models. Performance-wise, AdKNN achieves the highest overall accuracy of 99% with 99% precision and low false positives in an appreciable minimal training time.

Automated summary

This study proposes an efficient method called AdKNN for botnet classification in AMI networks, which is demonstrated to outperform existing state-of-the-art models through extensive experiments.