Predicting DoS and DDoS Attacks in IoT Networks  
Author Joffrey L. Leevy


Co-Author(s) Taghi M. Khoshgoftaar; John Hancock


Abstract As the use of Internet of Things (IoT) devices becomes more prevalent, the rate of cyberattacks on IoT networks shows an increasing trend. In this research, we examine the Bot-IoT dataset with a focus on classifying Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. Attacks of this nature are costly to an organization in terms of time and money because resources and services become inaccessible. Our contribution highlights the impact of ensemble Feature Selection Techniques (FSTs) on building predictive models. As far as we are aware, this type of study has never been performed for the DoS and DDoS attack categories of Bot-IoT. In general, with regard to DoS and DDoS, we determined that the best learners are Decision Tree-based classifiers. For DoS classification, our ensemble FST approach yields models with the best performance scores. However, for DDoS classification, the use of all Bot-IoT features (no ensemble FSTs) results in models with the best performance scores. We also observed that the application of Random Undersampling (RUS) boosted model performance.


Keywords DoS, DDoS, IoT, Bot-IoT, ensemble feature selection, machine learning
    Article #:  RQD27-73

Proceedings of 27th ISSAT International Conference on Reliability & Quality in Design
Virtual Event

August 4-6, 2022