PSI-rooted subgraph: A novel feature for IoT botnet detection using classifier algorithms

It is obvious that IoT devices are widely used more and more in many areas. However, due to limited resources (e.g., memory, CPU), the security mechanisms on many IoT devices such as IP-Camera, router are low. Therefore, botnets are an emerging threat to compromise IoT devices recently. To tackle this, a novel method for IoT botnets detection plays a crucial role. In this paper, we have some contributions for IoT botnet detection: first, we present a novel high-level PSI-rooted subgraph-based feature for the detection of IoT botnets; second, we generate a limited number of features that have precise behavioral descriptions, which require smaller space and reduce processing time; third, The evaluation results show the effectiveness and robustness of PSI-rooted subgraph-based features, as with five machine classifiers consisting of Random Forest, Decision Tree, Bagging, k-Nearest Neighbor, and Support Vector Machine, each classifier achieves more than 97% detection rate and low time-consuming. Moreover, compared to other work, our proposed method obtains better performance. Finally, we publicize all our materials on Github, which will benefit future research (e.g., IoT botnet detection approach).