Date of Graduation

Fall 2020

Degree

Master of Science in Computer Science

Department

Computer Science

Committee Chair

Razib Iqbal

Keywords

convolutional neural networks, deep learning, distributed denial of service attacks, IoT security, long short-term memory recurrent neural networks, support vector machines

Subject Categories

Artificial Intelligence and Robotics | Information Security | OS and Networks

Abstract

With the proliferation of the Internet of Things (IoT), computer networks have rapidly expanded in size. While Internet of Things Devices (IoTDs) benefit many aspects of life, these devices also introduce security risks in the form of vulnerabilities which give hackers billions of promising new targets. For example, botnets have exploited the security flaws common with IoTDs to gain unauthorized control of hundreds of thousands of hosts, which they then utilize to carry out massively disruptive distributed denial of service (DDoS) attacks. Traditional DDoS defense mechanisms rely on detecting attacks at their target and deploying mitigation strategies toward the attacker but differentiating between botnet attack traffic from normal traffic is extremely difficult, rendering mitigation strategies ineffective. An expanding body of work seeks to sidestep this difficulty by using sophisticated machine learning algorithms to detect botnet-based attacks at their source; however, many of these algorithms are computationally demanding and require specialized hardware, which is expensive, rendering them impractical. This thesis proposes a botnet detection mechanism that operates at the IoT access network. It utilizes a novel method of classifying visual representations of network activity using lightweight deep learning models. This approach is shown to be highly effective, with an average accuracy of 99.8% on a sparse dataset, perfect accuracy on an expanded dataset, and runtime latency ranging from 334 ms to 2 seconds on a Raspberry Pi.

Copyright

© Eric A. McCullough

Open Access

Share

COinS