BOTSIAM-DRL-Botnet detection using a few shot active matching siamese network deep reinforcement learning in IoT networks

【Author】 Alexander, R.; Kumar, K. Pradeep Mohan

【Source】CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS

【影响因子】2.303

【Abstract】Multistage malware poses a significant and evolving threat to Internet of Things (IoT) devices. These threats can range from relatively simple attacks to more sophisticated operations, such as cryptojacking-where attackers exploit system resources for cryptocurrency mining-and Distributed Denial-of-Service (DDoS) attacks, which aim to overwhelm devices and networks, causing service disruptions. One major challenge in addressing these threats lies in the reliance on machine learning and deep learning solutions. These approaches often encounter difficulties due to imbalanced data samples, which can distort detection results, and limited generalization capability, a phenomenon known as model drift. Model drift occurs when a model trained on historical data fails to adapt to new and evolving attack patterns, thereby significantly limiting the effectiveness of intrusion detection systems. To confront these challenges, a novel approach called BoTSIAM-DRL is suggested. This innovative model combines Siamese active learning-a technique that utilizes similar input pairs to enhance understanding-with a reward mechanism that incentivizes accurate detection. This unique combination provides a fresh perspective and a solution not previously explored in existing literature. The design of BoTSIAM-DRL allows it to dynamically learn and adapt to the evolving nature of malware attacks, refining its strategies as new threats emerge. The model's performance has been rigorously evaluated using the MedBIoT and N-BaIoT datasets, which are specifically curated for IoT security challenges. Impressively, BoTSIAM-DRL has achieved a detection accuracy exceeding 99% throughout the entire lifecycle of these datasets, highlighting its potential as a robust defense mechanism against the increasingly sophisticated landscape of multistage malware threats targeting IoT devices.

【Keywords】Deep reinforcement learning (DRL); Matching siamese active learning (MSAL); Data handler (DL); Bashlite, Mirai, Torii, Botnet detection using a few shot active matching siamese network deep reinforcement learning (BoTSIAM); Deep Q Network (DQN)

【发表时间】2025 SEP 3

【收录时间】2025-09-13

【文献类型】

【主题类别】

--