Evaluation on Bot-IoT Dataset Enabled Reducing False Alarm Rate for IoT Threats

Umar Audi Isma'ila; Kamaluddeen Usman Danyaro; Mohd Fadzil Hassan; M.S. Liew; Umar Danjuma Maiwada; Aminu Aminu Muazu

المؤلفون

Umar Audi Isma'ila Computer and Information Sciences Department, Faculty of Science and Information Technology, Universiti Teknologi PETRONAS, Perak 32610, Malaysia https://orcid.org/0009-0009-6553-7670
Kamaluddeen Usman Danyaro Computer and Information Sciences Department, Faculty of Science and Information Technology, Universiti Teknologi PETRONAS, Perak 32610, Malaysia
Mohd Fadzil Hassan Computer and Information Sciences Department, Faculty of Science and Information Technology, Universiti Teknologi PETRONAS, Perak 32610, Malaysia
M.S. Liew Civil and Environmental Engineering Department, Faculty of Engineering, Universiti Teknologi PETRONAS, Perak 32610, Malaysia
Umar Danjuma Maiwada [1]- Computer and Information Sciences Department, Faculty of Science and Information Technology, Universiti Teknologi PETRONAS, Perak 32610, Malaysia | [2]- Computer Sciences Department, Faculty of Natural and Applied Science, Umaru Musa Yar’adua University Katsina, Nigeria https://orcid.org/0000-0001-7679-3674
Aminu Aminu Muazu [1]- Computer and Information Sciences Department, Faculty of Science and Information Technology, Universiti Teknologi PETRONAS, Perak 32610, Malaysia | [2]- Computer Sciences Department, Faculty of Natural and Applied Science, Umaru Musa Yar’adua University Katsina, Nigeria https://orcid.org/0000-0001-6789-0579

الكلمات المفتاحية:

False alarm rate، Bot-IoT dataset evaluation، Anomaly-based intrusion detection، LightGBM classifier، IoT device threats

الملخص

The growth of Internet of Things (IoT) devices has been increasing day by day. Its widespread adoption is significantly simplifying our daily tasks. However, the increasing number of these interconnected IoT devices has led to a many insecurity vulnerabilities, resulting in higher operational expenses. Consequently, IoT devices are experiencing a notable rise in False Alarm Rate (FAR). Therefore, this study intends to explore the application of Anomaly-based Intrusion Detection System (A-IDS), specifically focusing on the utilization of Bot-IoT dataset. First, we deliver a description of the Bot-IoT dataset and evaluate its potential in A-IDS enabled reducing FAR. We introduce a new model termed TrigFAR Model. In which TrigFAR utilized lightGBM classifier and trained on two sets of Bot-IoT dataset, namely 10-best features set and full features set. This is to enable the reduction of high FAR for IoT threats. The results obtained demonstrate that TrigFAR on Bot-IoT dataset overcome the performance of other publicly and real-world A-IDS datasets. While in terms of reducing FAR for IoT we achieved the highest accuracy in detecting attacks of 100% with 0% FAR on the full features set. Whereas achieving 99% accuracy and 0.42% of FAR on 10-best features set. Lastly, we discuss the results and identify areas for future study on IoT threats while maintaining the minimum FAR.