IOT-BOTNETASSISTEDDDOSATTACKDETECTIONAND CLASSIFICATIONUSINGGRAPHMACHINELEARNINGAPPROACH

Abstract

Distributed denial-of-service (DDoS) attacks are a major threat on the Internet, especially with the increasing use of the Internet of Things (IoTs). The rise of IoT-based botnets has made DDoS attacks even more common and dangerous. In response to this issue, researchers have developed various DDoS attack detection models for IoT networks, but there is still a need for new techniques to combat these evolving threats. In this study, we proposed a model that utilizes Graph Neural Networks (GNNs) to analyze network flow data and detect and classify attack traffic in IoT networks. We conducted experiments using the CIC-BoT-IoT and CICIoT2023 datasets, which contain both normal and attack network traffic. We preprocessed the data, applied the SMOTE technique to address imbalanced data, and constructed a graph structure using the training and test datasets. Our model leveraged the natural structure of network information to classify network traffic, particularly focusing on IoT botnet DDoS attacks. The evaluation results of our proposed classifier demonstrated high accuracy, with a score of 99.14% using the CIC-BoT-IoT dataset and 99.39% using the CICIoT2023 dataset. The F1 score, recall rate, and AUC ROC also showed good performance, indicating the effectiveness of our model in detecting IoT botnet DDoS attacks. These results suggest that our algorithm surpasses existing methods and holds promise for enhancing IoT security in real-world applications.