IoT BotScan: Ultra-Lightweight AI Defense Against Botnet Threats

This research study examines the effectiveness of Deep Learning (DL) and Machine Learning (ML) algorithms in identifying BotNet attacks within network infrastructures. Various algorithms, including Random Forests (RF), Decision Trees (DT), Convolutional Neural Networks (CNN), and Long Short-Term Memory (LSTM) networks, were evaluated using the N-BaIoT dataset, which encompasses multiple BotNet attack types. The findings indicate that ML models, specifically RF and K-Nearest Neighbors (KNN), demonstrate superior performance in terms of recall, precision, and overall accuracy compared to DL methods, with KNN achieving the highest accuracy of 99.94% followed by RF and ETC (99.55%). Among DL models, CNN has the highest accuracy (86.20%). The study focuses on multiclass classification (11 classes) and employs 10-fold cross-validation to enhance model robustness and mitigate overfitting. Notably, the research emphasizes the significance of feature engineering and selection techniques in enhancing model performance by identifying critical indicators of BotNet activity. A key contribution of this study is the lightweight RF approach, which minimizes the number of features to reduce complexity. The insights gained from this research provide valuable information for academics and cybersecurity practitioners, aiding in the development of proactive defenses against evolving BotNet threats and promoting the advancement of resilient security measures for network infrastructures.