MedBIoT: Generation of an IoT Botnet Dataset in a Medium-sized IoT Network

Alejandro Guerra-Manzanares, Jorge Medina-Galindo, Hayretdin Bahsi, Sven Nõmm

2020

Abstract

The exponential growth of the Internet of Things in conjunction with the traditional lack of security mechanisms and resource constraints associated with these devices have posed new risks and challenges to security in networks. IoT devices are compromised and used as amplification platforms by cyber-attackers, such as DDoS attacks. Machine learning-based intrusion detection systems aim to overcome network security limitations relying heavily on data quantity and quality. In the case of IoT networks these data are scarce and limited to small-sized networks. This research addresses this issue by providing a labelled behavioral IoT data set, which includes normal and actual botnet malicious network traffic, in a medium-sized IoT network infrastructure (83 IoT devices). Three prominent botnet malware are deployed and data from botnet infection, propagation and communication with C&C stages are collected (Mirai, BashLite and Torii). Binary and multi-class machine learning classification models are run on the acquired data demonstrating the suitability and reliability of the generated data set for machine learning-based botnet detection IDS testing, design and deployment. The generated IoT behavioral data set is released publicly available as MedBIoT data set∗.

Download


Paper Citation


in Harvard Style

Guerra-Manzanares A., Medina-Galindo J., Bahsi H. and Nõmm S. (2020). MedBIoT: Generation of an IoT Botnet Dataset in a Medium-sized IoT Network. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 207-218. DOI: 10.5220/0009187802070218


in Bibtex Style

@conference{icissp20,
author={Alejandro Guerra-Manzanares and Jorge Medina-Galindo and Hayretdin Bahsi and Sven Nõmm},
title={MedBIoT: Generation of an IoT Botnet Dataset in a Medium-sized IoT Network},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={207-218},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009187802070218},
isbn={978-989-758-399-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - MedBIoT: Generation of an IoT Botnet Dataset in a Medium-sized IoT Network
SN - 978-989-758-399-5
AU - Guerra-Manzanares A.
AU - Medina-Galindo J.
AU - Bahsi H.
AU - Nõmm S.
PY - 2020
SP - 207
EP - 218
DO - 10.5220/0009187802070218