The Internet of Things (IoT) has grown rapidly, and nowadays, it is exploited by cyber attacks on IoT devices. An accurate system to identify malicious attacks on the IoT environment has become very important for minimizing security risks on IoT devices. Botnet attacks are among the most serious and widespread attacks, and they threaten IoT devices. Motionless IoT devices have a security weakness due to lack of sufficient memory and computation results for a security platform. In addition, numerous existing systems present themselves for finding unknown patterns from IoT networks to improve security. In this study, hybrid deep learning, a convolutional neural network and long short-term memory (CNN-LSTM) algorithm, was proposed to detect botnet attacks, namely, BASHLITE and Mirai, on nine commercial IoT devices. Extensive empirical research was performed by employing a real N-BaIoT dataset extracted from a real system, including benign and malicious patterns. The experimental results exposed the superiority of the CNN-LSTM model with accuracies of 90.88% and 88.61% in detecting botnet attacks from doorbells (Danminin and Ennio brands), whereas the proposed system achieved good accuracy (88.53%) in identifying botnet attacks from thermostat devices. The accuracies of the proposed system in detecting botnet attacks from security cameras were 87.19%, 89.23%, 87.76%, and 89.64%, with respect to accuracy metrics. Overall, the CNN-LSTM model was successful in detecting botnet attacks from various IoT devices with optimal accuracy.

中文翻译：

---

基于 CNN-LSTM 模型的物联网应用僵尸网络攻击检测

物联网 (IoT) 发展迅速，如今，它被对物联网设备的网络攻击所利用。一个准确的系统来识别对物联网环境的恶意攻击对于最小化物联网设备的安全风险变得非常重要。僵尸网络攻击是最严重和最普遍的攻击之一，它们威胁着物联网设备。由于安全平台缺乏足够的内存和计算结果，静止物联网设备存在安全弱点。此外，许多现有系统都用于从物联网网络中寻找未知模式以提高安全性。在这项研究中，提出了混合深度学习、卷积神经网络和长短期记忆 (CNN-LSTM) 算法来检测 9 种商业物联网设备上的僵尸网络攻击，即 BASHLITE 和 Mirai。通过使用从真实系统中提取的真实 N-BaIoT 数据集进行了广泛的实证研究，包括良性和恶意模式。实验结果暴露了 CNN-LSTM 模型在检测来自门铃（Danminin 和 Ennio 品牌）的僵尸网络攻击的准确率分别为 90.88% 和 88.61% 的优越性，而所提出的系统在识别来自恒温器的僵尸网络攻击方面取得了良好的准确率（88.53%）设备。就准确性指标而言，所提出的系统在检测来自安全摄像头的僵尸网络攻击方面的准确率分别为 87.19%、89.23%、87.76% 和 89.64%。总体而言，CNN-LSTM 模型成功地以最佳精度检测了来自各种物联网设备的僵尸网络攻击。实验结果暴露了 CNN-LSTM 模型在检测来自门铃（Danminin 和 Ennio 品牌）的僵尸网络攻击的准确率分别为 90.88% 和 88.61% 的优越性，而所提出的系统在识别来自恒温器的僵尸网络攻击方面取得了良好的准确率（88.53%）设备。就准确性指标而言，所提出的系统在检测来自安全摄像头的僵尸网络攻击方面的准确率分别为 87.19%、89.23%、87.76% 和 89.64%。总体而言，CNN-LSTM 模型成功地以最佳精度检测来自各种物联网设备的僵尸网络攻击。实验结果暴露了 CNN-LSTM 模型在检测来自门铃（Danminin 和 Ennio 品牌）的僵尸网络攻击的准确率分别为 90.88% 和 88.61% 的优越性，而所提出的系统在识别来自恒温器的僵尸网络攻击方面取得了良好的准确率（88.53%）设备。就准确性指标而言，所提出的系统在检测来自安全摄像头的僵尸网络攻击方面的准确率分别为 87.19%、89.23%、87.76% 和 89.64%。总体而言，CNN-LSTM 模型成功地以最佳精度检测了来自各种物联网设备的僵尸网络攻击。就准确性指标而言，所提出的系统在检测来自安全摄像头的僵尸网络攻击方面的准确率分别为 87.19%、89.23%、87.76% 和 89.64%。总体而言，CNN-LSTM 模型成功地以最佳精度检测了来自各种物联网设备的僵尸网络攻击。就准确性指标而言，所提出的系统在检测来自安全摄像头的僵尸网络攻击方面的准确率分别为 87.19%、89.23%、87.76% 和 89.64%。总体而言，CNN-LSTM 模型成功地以最佳精度检测了来自各种物联网设备的僵尸网络攻击。