A Honeypot-Based Model for Detecting Iot Botnet Attacks Using Separable Convolutional Neural Network and Majority Voting Strategy

In recent years, there have been many botnet attacks on Internet of Things devices and the result has been heavy losses to companies and organizations. Each botnet is a group of hosts infected with the same malicious code and controlled by a remote attacker through one or more command and control servers. In this article, a new approach to detect botnet attacks is presented by combining honeypot technology and deep learning. A honeypot is a security tool whose value lies in being discovered and investigated, attacked and compromised. Honeypots can be used in forensics by gathering evidence of attacker activities. The proposed method is a two-stage pattern that in the first step honeypot deceives the attackers and collects their information and behavior in the network. In the second step, relying on machine learning, the collected data is analyzed and malicious samples are distinguished from non-malicious ones. Among machine learning algorithms, methods based on deep learning provide high accuracy, but these algorithms have high computational complexity; They reduce the speed of detection. While detection speed is very important in botnet attacks. To overcome this challenge, a separable convolutional neural network with a group learning approach was proposed in this paper. The proposed method was implemented in Python simulation environment and its efficiency was analyzed in different evaluation indices. Examining the results shows that the proposed method detects 99% of IoT botnet attacks with accuracy. Compared with similar designs, the proposed method has been able to; Improve the accuracy of attack detection.