| Title | IoT Reconnaissance Attack Classification with Random Undersampling and Ensemble Feature Selection |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Leevy, Joffrey L., Hancock, John, Khoshgoftaar, Taghi M., Seliya, Naeem |
| Conference Name | 2021 IEEE 7th International Conference on Collaboration and Internet Computing (CIC) |
| Date Published | dec |
| Keywords | Big Data, Bot-IoT, Buildings, feature extraction, feature selection, Internet of Things, Intrusion detection, IoT, Network reconnaissance, Predictive models, pubcrawl, random undersampling, Receivers, Reconnaissance, resilience, Resiliency, Scalability, Training |
| Abstract | The exponential increase in the use of Internet of Things (IoT) devices has been accompanied by a spike in cyberattacks on IoT networks. In this research, we investigate the Bot-IoT dataset with a focus on classifying IoT reconnaissance attacks. Reconnaissance attacks are a foundational step in the cyberattack lifecycle. Our contribution is centered on the building of predictive models with the aid of Random Undersampling (RUS) and ensemble Feature Selection Techniques (FSTs). As far as we are aware, this type of experimentation has never been performed for the Reconnaissance attack category of Bot-IoT. Our work uses the Area Under the Receiver Operating Characteristic Curve (AUC) metric to quantify the performance of a diverse range of classifiers: Light GBM, CatBoost, XGBoost, Random Forest (RF), Logistic Regression (LR), Naive Bayes (NB), Decision Tree (DT), and a Multilayer Perceptron (MLP). For this study, we determined that the best learners are DT and DT-based ensemble classifiers, the best RUS ratio is 1:1 or 1:3, and the best ensemble FST is our ``6 Agree'' technique. |
| DOI | 10.1109/CIC52973.2021.00016 |
| Citation Key | leevy_iot_2021 |
IoT Reconnaissance Attack Classification with Random Undersampling and Ensemble Feature Selection