Towards the Development of an Ensemble Intrusion Detection Model for DDoS and Botnet Mitigation using the IoT-23 Dataset

Shahbaz Ahmad Khanday, Hoor Fatima, Nitin Rakesh

Abstract

The distribution of malware and the formation of bots in resource-constrained IoT networks have surged in the past few years. In IoT networks, prompt detection of intrusions is crucial because of the large-scale attacks pioneered by botmasters and botnets made up of unsecured IoT devices. Conventional machine learning models and customary deep learning approaches have shown encouraging results in identifying such assaults. Nevertheless, certain algorithms may benefit considerably from a smaller feature set, because this could preclude the consequences of superfluous features and reduce the computational resources required for intrusion detection in network systems that have numerous restrictions. However, most of the information in the input data could be important and helpful, yet it is excluded by IoT intrusion detection systems in the name of dimensionality reduction or feature selection. In this study, an ensemble approach is proposed that uses an Extra-Tree classifier to extract important features, and a group of classifiers is tuned and tested for the classification of attack and benign labels in the IoT-23 dataset. The manuscript proposes a novel intrusion detection model with a novel pre-processing technique, along with a novel data preparation technique, for binary and multiple classification in IoT attack and malware mitigation. A comparative performance analysis of Linear Support Vector Classifier, Gaussian Naïve Bayes, and Ada-Boost is conducted in two case studies: (a) binary classification and (b) multiple classification.
