Malware Activity Detection in the Internet of Things Using the Decision Tree and Random Forest Algorithms


Authors

  • M. Agus Syamsul Arifin, Universitas Bina Insan, Lubuklinggau, Indonesia
  • Andri Anto Tri Susilo, Universitas Bina Insan, Lubuklinggau, Indonesia
  • Susanto Susanto, Universitas Bina Insan, Lubuklinggau, Indonesia
  • A. Taqwa Martadinata, Universitas Bina Insan, Lubuklinggau, Indonesia
  • Budi Santoso, Universitas Bina Insan, Lubuklinggau, Indonesia

DOI:

https://doi.org/10.30865/klik.v4i6.1903

Keywords:

Internet of Things (IoT); Malware; Machine Learning; Decision Tree; Random Forest

Abstract

The Internet of Things (IoT) has become an integral part of modern life, connecting smart devices to enhance efficiency and convenience. However, with the increased adoption of IoT, cybersecurity threats, particularly malware, have also risen. This research focuses on detecting malware attacks in IoT networks using machine learning algorithms, specifically Decision Tree and Random Forest. The dataset used is CICIoT2023, which includes various types of IoT network traffic such as BenignTraffic, Mirai-greeth_flood, Mirai-greip_flood, and Backdoor_Malware. In this study, both algorithms demonstrated exceptionally high accuracy on the training data, reaching 100%, and on the test data, achieving 99.94% accuracy for the Random Forest algorithm and 99.90% for the Decision Tree algorithm. Although the performance of both algorithms on the training data was almost identical, Random Forest showed better performance in detecting the Backdoor_Malware class compared to Decision Tree when using test data. Random Forest achieved a precision of 99%, recall of 64%, and F1-Score of 78%, while Decision Tree achieved a precision of 71%, recall of 72%, and F1-Score of 72%. Results from 10-fold cross-validation indicate that the models did not experience overfitting, suggesting reliable and well-generalized models. This research provides insights that the Random Forest algorithm is more effective in detecting malware attacks in IoT networks compared to Decision Tree, particularly in identifying the Backdoor_Malware class. These findings are expected to contribute to the development of more efficient and reliable malware detection systems for IoT networks.
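
The gap the abstract reports between overall accuracy and Backdoor_Malware recall can be checked per class before a detector is trusted. The following is an added example, not code or data from the paper: the confusion counts are constructed so that the rare class matches the Random Forest figures quoted above, and the `min_recall` threshold of 0.90 is a hypothetical acceptance gate.

```python
from collections import Counter

# CONSTRUCTED confusion cells (true label, predicted label, count), sized so the
# rare class matches the abstract's Random Forest figures. Not the paper's data.
CELLS = [
    ("BenignTraffic", "BenignTraffic", 59999),
    ("BenignTraffic", "Backdoor_Malware", 1),
    ("Mirai-greeth_flood", "Mirai-greeth_flood", 40000),
    ("Mirai-greip_flood", "Mirai-greip_flood", 30000),
    ("Backdoor_Malware", "Backdoor_Malware", 128),
    ("Backdoor_Malware", "BenignTraffic", 72),
]

def expand(cells):
    """Turn (true, predicted, count) cells into parallel label lists."""
    y_true, y_pred = [], []
    for true, pred, n in cells:
        y_true += [true] * n
        y_pred += [pred] * n
    return y_true, y_pred

def per_class_metrics(y_true, y_pred):
    """Return (accuracy, {label: (precision, recall, f1)})."""
    pairs = Counter(zip(y_true, y_pred))
    labels = sorted(set(y_true) | set(y_pred))
    report = {}
    for c in labels:
        tp = pairs[(c, c)]
        fp = sum(pairs[(o, c)] for o in labels if o != c)  # others flagged as c
        fn = sum(pairs[(c, o)] for o in labels if o != c)  # c missed as others
        p = tp / (tp + fp) if tp + fp else 0.0
        r = tp / (tp + fn) if tp + fn else 0.0
        f1 = 2 * p * r / (p + r) if p + r else 0.0
        report[c] = (p, r, f1)
    accuracy = sum(pairs[(c, c)] for c in labels) / len(y_true)
    return accuracy, report

def weak_classes(report, min_recall=0.90):
    """Classes whose recall is below the (hypothetical) acceptance gate."""
    return sorted(c for c, (_, r, _) in report.items() if r < min_recall)

if __name__ == "__main__":
    acc, rep = per_class_metrics(*expand(CELLS))
    print(f"accuracy={acc:.4f}")
    for label, (p, r, f1) in rep.items():
        print(f"{label:20s} precision={p:.2f} recall={r:.2f} f1={f1:.2f}")
    print("below recall gate:", weak_classes(rep))
```

With 200 backdoor flows among 130,200 samples, 72 missed detections move accuracy by less than 0.06 percentage points, so only the per-class gate surfaces the weak class.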





ARTICLE HISTORY


Published: 2024-06-30
