Forensics and Deep Learning Mechanisms for Botnets in Internet of Things: A Survey of Challenges and Solutions

Nickolaos Koroniotis; Nour Moustafa; Elena Sitnikova

doi:10.1109/ACCESS.2019.2916717

IEEE Access (Jan 2019)

Forensics and Deep Learning Mechanisms for Botnets in Internet of Things: A Survey of Challenges and Solutions

Nickolaos Koroniotis,
Nour Moustafa,
Elena Sitnikova

Affiliations

Nickolaos Koroniotis: UNSW Canberra Cyber, the School of Engineering and Information Technology (SEIT), University of New SouthWales Canberra, Canberra, ACT, Australia
Nour Moustafa: ORCiD; UNSW Canberra Cyber, the School of Engineering and Information Technology (SEIT), University of New SouthWales Canberra, Canberra, ACT, Australia
Elena Sitnikova: UNSW Canberra Cyber, the School of Engineering and Information Technology (SEIT), University of New SouthWales Canberra, Canberra, ACT, Australia

DOI: https://doi.org/10.1109/ACCESS.2019.2916717
Journal volume & issue: Vol. 7
pp. 61764 – 61785

Abstract

Read online

The constant miniaturization of hardware and an increase in power efficiency, have made possible the integration of intelligence into ordinary devices. This trend of augmenting so-called non-intelligent everyday devices with computational capabilities has led to the emergence of the Internet of Things (IoT) domain. With a wide variety of applications, such as home automation, smart grids/cities, and critical infrastructure management, the IoT systems make compelling targets for cyber-attacks. In order to effectively compromise these systems, adversaries employ different advanced persistent threat (APT) methods, with one such sophisticated method, being botnets. By employing a plethora of infected machines (bots), attackers manage to compromise the IoT systems and exploit them. Prior to the appearance of the IoT domain, specialized digital forensics mechanisms were developed, in order to investigate Botnet activities in small-scale systems. Since IoT enabled botnets are scalable, technologically diverse and make use of current high-speed networks, developing forensic mechanisms capable of investigating the IoT Botnet activities has become an important challenge in the cyber-security field. Various studies have proposed, deep learning as a viable solution for handling the IoT generated data, as it was designed to handle diverse data in large volumes, requiring near real-time processing. In this study, we provide a review of forensics and deep learning mechanisms employed to investigate botnets and their applicability in the IoT environments. We provide a new definition for the IoT, in addition to a taxonomy of network forensic solutions, that were developed for both conventional, as well as, the IoT settings. Furthermore, we investigate the applicability of deep learning in network forensics, the inherent challenges of applying network forensics techniques to the IoT, and provide future direction for research in this field.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords