Review Paper on Autonomous Detection of IoT Botnet Attacks using Deep Learning Technique
Main Article Content
Abstract
The rapid proliferation of Internet of Things (IoT) devices has significantly increased network connectivity while simultaneously exposing critical security vulnerabilities. Due to weak authentication mechanisms, limited computational resources, and large-scale deployment, IoT devices have become prime targets for botnet attacks such as Mirai, Bashlite, and Mozi. These botnets can compromise thousands of devices and launch severe cyberattacks, including Distributed Denial of Service (DDoS), data leakage, and service disruption. Traditional intrusion detection systems based on signatures and rule-based techniques are often ineffective against evolving and zero-day IoT botnet threats. Consequently, deep learning (DL) techniques have emerged as a powerful solution for autonomous IoT botnet detection.
This review paper presents a comprehensive analysis of deep learning-based approaches for the autonomous detection of IoT botnet attacks. It examines widely used DL models such as Convolutional Neural Networks (CNN), Recurrent Neural Networks (RNN), Long Short-Term Memory (LSTM), autoencoders, and hybrid CNN–LSTM architectures. The paper discusses how these models automatically learn complex spatial and temporal patterns from IoT network traffic, eliminating the need for manual feature engineering. Additionally, commonly used benchmark datasets, evaluation metrics, and performance comparisons with traditional machine learning techniques are reviewed.
The study also highlights key challenges, including computational complexity, scalability, dataset generalization, and real-time deployment in resource-constrained IoT environments. Finally, future research directions such as lightweight models, online learning, explainable AI, and edge-based deployment are outlined. This review provides valuable insights for researchers and practitioners aiming to develop robust, intelligent, and autonomous IoT botnet detection systems.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
References
S. I. Popoola, B. Adebisi, M. Hammoudeh, G. Gui and H. Gacanin, "Hybrid Deep Learning for Botnet Attack Detection in the Internet-of-Things Networks," in IEEE Internet of Things Journal, vol. 8, no. 6, pp. 4944-4956, 15 March15, 2021, doi: 10.1109/JIOT.2020.3034156.
S. I. Popoola, R. Ande, B. Adebisi, G. Gui, M. Hammoudeh and O. Jogunola, "Federated Deep Learning for Zero-Day Botnet Attack Detection in IoT Edge Devices," in IEEE Internet of Things Journal, doi: 10.1109/JIOT.2021.3100755.
B. H. Schwengber, A. Vergütz, N. G. Prates and M. Nogueira, "Learning from Network Data Changes for Unsupervised Botnet Detection," in IEEE Transactions on Network and Service Management, doi: 10.1109/TNSM.2021.3109076.
F. Hussain et al., "A Two-Fold Machine Learning Approach to Prevent and Detect IoT Botnet Attacks," in IEEE Access, vol. 9, pp. 163412-163430, 2021, doi: 10.1109/ACCESS.2021.3131014.
R. Li, Q. Li, J. Zhou and Y. Jiang, "ADRIoT: An Edge-assisted Anomaly Detection Framework against IoT-based Network Attacks," in IEEE Internet of Things Journal, doi: 10.1109/JIOT.2021.3122148.
B. H. Schwengber, A. Vergütz, N. G. Prates and M. Nogueira, "Learning from Network Data Changes for Unsupervised Botnet Detection," in IEEE Transactions on Network and Service Management, doi: 10.1109/TNSM.2021.3109076.
A. Alharbi and K. Alsubhi, "Botnet Detection Approach Using Graph-Based Machine Learning," in IEEE Access, vol. 9, pp. 99166-99180, 2021, doi: 10.1109/ACCESS.2021.3094183.
S. Qureshi et al., "A Hybrid DL-Based Detection Mechanism for Cyber Threats in Secure Networks," in IEEE Access, vol. 9, pp. 73938-73947, 2021, doi: 10.1109/ACCESS.2021.3081069.
W. N. H. Ibrahim et al., "Multilayer Framework for Botnet Detection Using Machine Learning Algorithms," in IEEE Access, vol. 9, pp. 48753-48768, 2021, doi: 10.1109/ACCESS.2021.3060778.
T. -L. Wan et al., "Efficient Detection and Classification of Internet-of-Things Malware Based on Byte Sequences from Executable Files," in IEEE Open Journal of the Computer Society, vol. 1, pp. 262-275, 2020, doi: 10.1109/OJCS.2020.3033974.
L. Vu, V. L. Cao, Q. U. Nguyen, D. N. Nguyen, D. T. Hoang and E. Dutkiewicz, "Learning Latent Representation for IoT Anomaly Detection," in IEEE Transactions on Cybernetics, doi: 10.1109/TCYB.2020.3013416.
S. M. Sajjad, M. Yousaf, H. Afzal and M. R. Mufti, "eMUD: Enhanced Manufacturer Usage Description for IoT Botnets Prevention on Home WiFi Routers," in IEEE Access, vol. 8, pp. 164200-164213, 2020, doi: 10.1109/ACCESS.2020.3022272.
A. Blaise, M. Bouet, V. Conan and S. Secci, "Botnet Fingerprinting: A Frequency Distributions Scheme for Lightweight Bot Detection," in IEEE Transactions on Network and Service Management, vol. 17, no. 3, pp. 1701-1714, Sept. 2020, doi: 10.1109/TNSM.2020.2996502.
Y. Jia, F. Zhong, A. Alrawais, B. Gong and X. Cheng, "FlowGuard: An Intelligent Edge Defense Mechanism Against IoT DDoS Attacks," in IEEE Internet of Things Journal, vol. 7, no. 10, pp. 9552-9562, Oct. 2020, doi: 10.1109/JIOT.2020.2993782.
L. Silva, L. Utimura, K. Costa, M. Silva and S. Prado, "Study on Machine Learning Techniques for Botnet Detection," in IEEE Latin America Transactions, vol. 18, no. 05, pp. 881-888, May 2020, doi: 10.1109/TLA.2020.9082916.