An Advanced Computing Approach for IoT-Botnet Detection in Industrial Internet of Things

Tu N. Nguyen, Kennesaw State University
Quoc Dung Ngo
Huy Trung Nguyen
Nguyen Long Giang, Vietnamese Academy of Science and Technology Institute of Information Technology


We present a novel and advanced computing method for IoT botnet detection in this paper using the dynamic analysis to improve graph-based features, which are generated based on static analysis. Specifically, dynamic analysis is used to collect printable string information that appears during the execution of the samples. Then these printable string information is used to traverse the graph, which is obtained based on the static analysis effectively, ultimately acquiring graph-based features that can distinguish between benign or malicious samples. In order to assess the efficacy and superiority of the proposed hybrid approach, we have experimented on the 8330 executable samples, including 5531 IoT botnet samples and 2799 IoT benign samples. Our experiments achieved an accuracy at 98.1% - 91.99% for detecting and classifying IoT botnet, respectively. Experimental results have higher accuracy and lower complexity than existing contemporary counterpart methods.