Track: Research Track |
| Image Processing for Detecting Botnet Attacks: A Novel Approach for Flexibility and Scalability |
| The introduction of the IoT challenges this notion by placing computing resources and observation at the edge of the network. As a result, decentralized approaches for information processing and gathering can be adopted and explored. However, this shift greatly expands the network footprint and shifts traffic away from the center of the network, where observation and cybersecurity monitoring tools are frequently located. Further, IoT devices are often computationally constrained, limiting their readiness to deal with cyber-threats. These security vulnerabilities make the IoT an easy target for hacking groups and lead to the proliferation of zombie networks of compromised devices. Frequently, zombie networks, otherwise known as botnets, are coordinated to attack targets and overload network resources through a Distributed Denial of Service (DDoS) attack. In order to crack down on these botnets, it is essential to develop new methods for quickly and efficiently detecting botnet activity. This study proposes a novel botnet detection technique that first pre-processes network data through computer vision and image processing. The processed dataset is then sent to a neural network for final classification. Two neural networks will be explored, a sequential model and an auto-encoder model. The application of image processing has two advantages over current methods. First, the image processing is simple enough to be completed at the edge of the network by the IoT devices. Second, preprocessing the data allows us to use a shallower network, decreasing detection time further. We will utilize the N-BaIoT dataset and compare our findings to their results. |
|
| Presentation Video |
