A Novel Forecastive Anomaly Based Botnet Revelation Framework for Competing Concerns in Internet of Things
Journal of Applied Security Research, Pub Date: 2020-05-04, DOI: 10.1080/19361610.2020.1745594
Priyang Bhatt, Bhaskar Thakker

Abstract

Billions and millions of devices in the Internet of Things (IoT) are interconnected over the internet and communicate with other devices through messaging bots. These messaging bots are sometimes controlled by attackers in order to carry out malicious activities, which makes bots a serious cyber security hazard for IoT devices. For this reason, it is crucial to detect malicious bots and other anomalies in the network. To tackle these bots and anomalies, our proposed work designs a Novel Forecastive Anomaly based Botnet Revelation Framework. The approach works as a two-way progression: the first phase is Instance Creation and the second is Cataloging. As an alternative to a machine learning algorithm, our work uses Ensemble based Stream Mining to generate several instances with less memory and time. Once the instances are created, Graph Structure Based Detection of Anomaly (GSBDA) is initiated, based on features derived by the stream mining algorithm, to detect the presence of hazardous anomalies. In addition, the second phase utilizes a KNN (K Nearest Neighbor) algorithm, a type of instance-based learning algorithm, to identify the botnet accurately by observing the network flows.




Updated: 2020-05-04