Adaptive online learning for IoT botnet detection

Abstract With the number of Internet of Things (IoT) devices proliferating, the traffic volume of IoT-based attacks has shown a gradually increasing trend. The IoT botnet attack, which aims to commit real, efficient, and profitable cybercrimes , has become one of the most severe IoT threats. Applying traditional techniques to IoT is difficult due to its particular characteristics, such as resource-constrained devices, massive volumes of data, and real-time requirements. In this paper, we explore an adaptive online learning strategy for real-time IoT botnet attack detection. Furthermore, we operate the proposed adaptive strategy in conjunction with online ensemble learning . To evaluate the proposed strategy, we use real IoT traffic data, including benign traffic data and botnet traffic data infected by Mirai. In real-time IoT botnet attack detection, our experimental results demonstrate that the proposed adaptive online learning strategy achieves remarkable performance.