The proliferation of IoT devices has heightened their susceptibility to cyberattacks, particularly botnets. Conventional security methods frequently prove inadequate because of the restricted processing capabilities of IoT devices. This paper suggests utilizing machine learning methods to enhance the detection of attacks in Internet of Things (IoT) environments. The paper presents a novel approach to detect different botnet assaults on IoT devices by utilizing ML methods such as XGBoost, Random Forest, LightGBM, and Decision Tree. These algorithms were examined using the N-BaIoT dataset to classify multi-class botnet attacks and were specifically designed to accommodate the limitations of IoT devices. The technique comprises the steps of data preparation, preprocessing, classifier training, and decision-making. The algorithms achieved high detection accuracy rates: XGBoost (99.18%), Random Forest (99.20%), LGBM (99.85%), and Decision Tree (99.17%). The LGBM model demonstrated exceptional performance. The incorporation of the attack evaluation model greatly enhanced the identification of botnets in IoT networks. The paper displays the efficacy of machine learning techniques in identifying botnet assaults in IoT networks. The models generated exhibit exceptional accuracy and can be seamlessly integrated into existing cybersecurity systems.

S. W. Nourildean, M. D. Hassib, and Y. A. Mohammed, “Wireless sensor network based on Internet of Things: a review,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 27, no. 1, p. 246, Jul. 2022, doi: 10.11591/ijeecs.v27.i1.pp246-261.

J.-Y. Yu, E. Lee, S.-R. Oh, Y.-D. Seo, and Y.-G. Kim, “A Survey on Security Requirements for WSNs: Focusing on security-related characteristics,” IEEE Access, vol. 8, pp. 45304-45324, 2020, doi: 10.1109/access.2020.2977778.

N. Chandnani and K. N. Khairnar, “Analysis of architecture, structure, security and challenging aspects for data aggregation and routing techniques in IoT WSNs,” Theoretical Computer Science, vol. 929, pp. 95-113, 2022, doi: 10.1016/j.tcs.2022.06.032.

M. Kaur and A. Munjal, “Data aggregation algorithms for wireless sensor networks: A review,” Ad Hoc Networks, vol. 100, p. 102083, Apr. 2020, doi: 10.1016/j.adhoc.2020.102083.

T. Sasi, A. H. Lashkari, R. Lu, P. Xiong, and S. Iqbal, “A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges,” Journal of Information and Intelligence, vol. 2, no. 6, pp. 455-513, Dec. 2023, doi: 10.1016/j.jiixd.2023.12.001.

H. Owen, J. Zarrin, and S. M. Poore, “Botnet overview, problems, threats, methods, detection and prevention,” Journal of Cybersecurity and Privacy, vol. 2, no. 1, pp. 74-88, Feb. 2022, doi: 10.3390/jcp2010006.

M. Asad, M. Asim, T. Javed, M. O. Beg, H. Mujtaba, and S. Abbas, “DeepDetect: Detection of Distributed Denial of Service Attacks Using Deep Learning,” The Computer Journal, vol. 63, no. 7, pp. 983–994, Jul. 2019, doi: 10.1093/comjnl/bxz064.

A. Tekerek, “A novel architecture for web-based attack detection using convolutional neural network,” Computers & Security, vol. 100, p. 102096, Jan. 2021, doi: 10.1016/j.cose.2020.102096.

V. Adat and B. B. Gupta, “Security in Internet of Things: issues, challenges, taxonomy, and architecture,” Telecommunication Systems, vol. 67, no. 3, pp. 423–441, Jun. 2017, doi: 10.1007/s11235-017-0345-9.

U. Tariq, I. Ahmed, A. K. Bashir, and K. Shaukat, “A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review,” Sensors, vol. 23, no. 8, p. 4117, Apr. 2023, doi: 10.3390/s23084117.

P. Sinha, V. K. Jha, A. K. Rai, and B. Bhushan, “Security vulnerabilities, attacks and countermeasures in wireless sensor networks at various layers of OSI reference model: A survey,” 2017 International Conference on Signal Processing and Communication (ICSPC), pp. 288-293, Jul. 2017, doi: 10.1109/cspc.2017.8305855.

A. Ehsan, C. Catal, and A. Mishra, “Detecting Malware by Analyzing App Permissions on Android Platform: A Systematic Literature Review,” Sensors, vol. 22, no. 20, p. 7928, Oct. 2022, doi: 10.3390/s22207928.

A. Nazir et al., “Advancing IoT security: A systematic review of machine learning approaches for the detection of IoT botnets,” Journal of King Saud University - Computer and Information Sciences, vol. 35, no. 10, p. 101820, Dec. 2023, doi: 10.1016/j.jksuci.2023.101820.

M. Ghiasi, T. Niknam, Z. Wang, M. Mehrandezh, M. Dehghani, and N. Ghadimi, “A comprehensive review of cyber-attacks and defense mechanisms for improving security in smart grid energy systems: Past, present and future,” Electric Power Systems Research, vol. 215, p. 108975, Feb. 2023, doi: 10.1016/j.epsr.2022.108975.

U. I. Okoli, O. C. Obi, A. O. Adewusi, and T. O. Abrahams, “Machine Learning in Cybersecurity: A Review of Threat Detection and Defense Mechanisms,” World Journal of Advanced Research and Reviews, vol. 21, no. 1, pp. 2286-2295, Jan. 2024, doi: 10.30574/wjarr.2024.21.1.0315.

A. Yazdinejad, A. Dehghantanha, R. M. Parizi, G. Srivastava, and H. Karimipour, “Secure Intelligent Fuzzy Blockchain Framework: Effective threat detection in IoT networks,” Computers in Industry, vol. 144, p. 103801, Jan. 2023, doi: 10.1016/j.compind.2022.103801.

N. Mishra and S. Pandya, “Internet of Things applications, security challenges, attacks, intrusion detection and future prospects: A Systematic Review,” IEEE Access, vol. 9, pp. 59353-59377, 2021, doi: 10.1109/access.2021.3073408.

J. Kim, M. Shim, S. Hong, Y. Shin, and E. Choi, “Intelligent detection of IoT botnets using machine learning and deep learning,” Applied Science, vol. 10, no. 19, pp. 7009, 2020, doi: 10.3390/app10197009.

S. Khan and A. B. Maileva, “Botnet detection in IoT sensor networks: A lightweight deep learning system with hybrid self-organizing maps,” Microprocessors and Microsystems, vol. 97, pp. 104753, 2023, doi: 10.1016/j.micpro.2022.104753.

A. Bijalwan, “Botnet Forensic Analysis Using Machine Learning,” Security and Communication Networks, vol. 2020, pp. 1–9, Feb. 2020, doi: 10.1155/2020/9302318.

B. L. Prasanna and M. S. Reddy, “A Parallel Rank Based Multi-Class Ensemble Classification Framework on ISOT Cyber Threat Detection,” International Journal of Intelligent Systems and Applications in Engineering, vol. 12, no. 10s, pp. 556–566, 2024.

Y. Zhou, G. Cheng, S. Jiang, and M. Dai, “Building an efficient intrusion detection system based on feature selection and ensemble classifier,” Computer Networks, vol. 174, p. 107247, Jun. 2020, doi: 10.1016/j.comnet.2020.107247.

A. Verma and V. Ranga, “Machine Learning Based Intrusion Detection Systems for IoT Applications,” Wireless Personal Communications, vol. 111, no. 4, pp. 2287–2310, 2019, doi: 10.1007/s11277-019-06986-8.

A. Sarwar et al., “IoT networks attacks detection using multi-novel features and extra tree random - voting ensemble classifier (ER-VEC),” Journal of Ambient Intelligence and Humanized Computing, vol. 14, no. 12, pp. 16637–16651, 2023, doi: 10.1007/s12652-023-04666-x.

T. Zixu, K. S. K. Liyanage, and M. Gurusamy, “Generative Adversarial Network and Auto Encoder based Anomaly Detection in Distributed IoT Networks,” GLOBECOM 2020 - 2020 IEEE Global Communications Conference, pp. 1-7, 2020, doi: 10.1109/globecom42002.2020.9348244.

P. Hadem, D. K. Saikia, and S. Moulik, “An SDN-based Intrusion Detection System using SVM with Selective Logging for IP Traceback,” Computer Networks, vol. 191, p. 108015, May 2021, doi: 10.1016/j.comnet.2021.108015.

P. Kumar, G. P. Gupta, and R. Tripathi, “Toward Design of an Intelligent Cyber Attack Detection System using Hybrid Feature Reduced Approach for IoT Networks,” Arabian Journal for Science and Engineering, vol. 46, no. 4, pp. 3749–3778, Jan. 2021, doi: 10.1007/s13369-020-05181-3.

A. Farahmand Nejad and S. Noferesti, “A real-time botnet detection model based on an efficient wrapper feature selection method,” International Journal of Security and Networks, vol. 15, no. 1, p. 36, 2020, doi: 10.1504/ijsn.2020.10028190.

P. C. Tikekar, S. S. Sherekar, and J. Kumar, “An Approach for Detection of Botnet Based on Machine Learning Classifier,” SN Computer Science, vol. 5, no. 3, Mar. 2024, doi: 10.1007/s42979-024-02636-4.

S. Liaqat, A. Akhunzada, F. S. Shaikh, A. Giannetsos, and M. A. Jan, “SDN orchestration to combat evolving cyber threats in the Internet of Medical Things (IoMT),” Computer Communications, vol. 160, pp. 697–705, Jul. 2020, doi: 10.1016/j.comcom.2020.07.006.

A. Wani and S. Revathi, “Ransomware protection in IoT using software defined networking,” International Journal of Electrical and Computer Engineering (IJECE), vol. 10, no. 3, p. 3166, Jun. 2020, doi: 10.11591/ijece.v10i3.pp3166-3175.

A. Huč, J. Šalej, and M. Trebar, “Analysis of Machine Learning Algorithms for Anomaly Detection on Edge Devices,” Sensors, vol. 21, no. 14, p. 4946, Jul. 2021, doi: 10.3390/s21144946.

K. D. Devprasad, S. Ramanujam, and S. B. Rajendran, “Context adaptive ensemble classification mechanism with multi-criteria decision making for network intrusion detection,” Concurrency and Computation: Practice and Experience, vol. 34, no. 21, Jun. 2022, doi: 10.1002/cpe.7110.

M. Vishwakarma and N. Kesswani, “DIDS: A Deep Neural Network based real-time Intrusion detection system for IoT,” Decision Analytics Journal, vol. 5, p. 100142, Dec. 2022, doi: 10.1016/j.dajour.2022.100142.

M. Karthik and M. Krishnan, “Securing an Internet of Things from Distributed Denial of Service and Mirai Botnet Attacks Using a Novel Hybrid Detection and Mitigation Mechanism,” International Journal of Intelligent Engineering and Systems, vol. 14, no. 1, pp. 113–123, Feb. 2021, doi: 10.22266/ijies2021.0228.12.

D. Mohamed and O. Ismael, “Enhancement of an IoT hybrid intrusion detection system based on fog-to-cloud computing,” Journal of Cloud Computing, vol. 12, no. 1, Mar. 2023, doi: 10.1186/s13677-023-00420-y.

A. Awajan, “A Novel Deep Learning-Based Intrusion Detection System for IoT Networks,” Computers, vol. 12, no. 2, p. 34, Feb. 2023, doi: 10.3390/computers12020034.

F. S. Alrayes et al., “Modeling of Botnet Detection Using Barnacles Mating Optimizer with Machine Learning Model for Internet of Things Environment,” Electronics, vol. 11, no. 20, p. 3411, Oct. 2022, doi: 10.3390/electronics11203411.

J. Kim, H. Won, M. Shim, S. Hong, and E. Choi, “Feature Analysis of IoT Botnet Attacks based on RNN and LSTM,” International Journal of Engineering Trends and Technology, vol. 68, no. 4, pp. 43–47, Apr. 2020, doi: 10.14445/22315381/ijett-v68i4p208s.

B. Sharma, L. Sharma, C. Lal, and S. Roy, “Anomaly based network intrusion detection for IoT attacks using deep learning technique,” Computers and Electrical Engineering, vol. 107, p. 108626, Apr. 2023, doi: 10.1016/j.compeleceng.2023.108626.

D. Rani, N. S. Gill, P. Gulia, F. Arena, and G. Pau, “Design of an Intrusion Detection Model for IoT-Enabled Smart Home,” IEEE Access, vol. 11, pp. 52509-52526, 2023, doi: 10.1109/access.2023.3276863.

G. Almahadin, M. O. Hiari, A. H. Hussein, N. M. M. Turab, A. Alkhresheh, and M. A. Al-Tarawneh, “Performance Evaluation of an Intelligent and Optimized Machine Learning Framework for Attack Detection,” International Journal of Communication Networks and Information Security, vol. 14, no. 3, pp. 358-371, 2022.

D. H. Mustafa and I. M. Husien, “Adaptive DBSCAN with Gray Wolf Optimizer for Botnet Detection,” International Journal of Intelligent Engineering and Systems, vol. 16, no. 4, pp. 409–421, Aug. 2023, doi: 10.22266/ijies2023.0831.33.

S. Jain, P. M. Pawar, and R. Muthalagu, “Hybrid Intelligent Intrusion Detection System for Internet of Things,” SSRN Electronic Journal, vol. 8, p. 100030 2022, doi: 10.2139/ssrn.4097433.

G. Çtin, “An Effective Classifier Model for Imbalanced Network Attack Data,” Computers, Materials & Continua, vol. 73, no. 3, pp. 4519–4539, 2022, doi: 10.32604/cmc.2022.031734.

V. S. A. Raju and B. Suma, “Network Intrusion Detection for IoT-Botnet Attacks Using ML Algorithms,” 2023 7th International Conference on Computation System and Information Technology for Sustainable Solutions (CSITSS), pp. 1-6, Nov. 2023, doi: 10.1109/csitss60515.2023.10334188.

M. Ali, M. Shahroz, M. F. Mushtaq, S. Alfarhood, M. Safran, and I. Ashraf, “Hybrid Machine Learning Model for Efficient Botnet Attack Detection in IoT Environment,” IEEE Access, vol. 12, pp. 40682–40699, 2024, doi: 10.1109/access.2024.3376400.

H. Alkahtani and T. H. H. Aldhyani, “Botnet Attack Detection by Using CNN-LSTM Model for Internet of Things Applications,” Security and Communication Networks, vol. 2021, pp. 1–23, Sept. 2021, doi: 10.1155/2021/3806459.

I. Ullah and Q. H. Mahmoud, “A Framework for Anomaly Detection in IoT Networks Using Conditional Generative Adversarial Networks,” IEEE Access, vol. 9, pp. 165907–165931, 2021, doi: 10.1109/access.2021.3132127.

H.-C. Chu and Y.-J. Lin, “Improving the IoT Attack Classification Mechanism with Data Augmentation for Generative Adversarial Networks,” Applied Sciences, vol. 13, no. 23, p. 12592, Nov. 2023, doi: 10.3390/app132312592.

T. Zhukabayeva, A. Buja, and M. Pacolli, “Evaluating Security Mechanisms for Wireless Sensor Networks in IoT and IIoT,” Journal of Robotics and Control (JRC), vol. 5, no. 4, pp. 931-943, 2024, doi: 10.18196/jrc.v5i4.21683

Zhukabaeva et al., “Towards robust security in WSNs: a comprehensive analytical review and future research directions,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 36, no. 1, p. 318, Oct. 2024, doi: 10.11591/ijeecs.v36.i1.pp318-337.

S. Afrifa, V. Varadarajan, P. Appiahene, T. Zhang, and E. A. Domfeh, “Ensemble Machine Learning Techniques for Accurate and Efficient Detection of Botnet Attacks in Connected Computers,” Eng., vol. 4, no. 1, pp. 650-664, Feb. 2023, doi: 10.3390/eng4010039.

G. Kambourakis, C. Kolias, and A. Stavrou, “The Mirai botnet and the IoT Zombie Armies,” MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM), pp. 267-272, Oct. 2017, doi: 10.1109/milcom.2017.8170867.

R. Ahmad and I. Alsmadi, “Machine learning approaches to IoT security: A systematic literature review,” Internet of Things, vol. 14, p. 100365, Jun. 2021, doi: 10.1016/j.iot.2021.100365.

S. M. Tahsien, H. Karimipour, and P. Spachos, “Machine learning based solutions for security of Internet of Things (IoT): A survey,” Journal of Network and Computer Applications, vol. 161, p. 102630, Jul. 2020, doi: 10.1016/j.jnca.2020.102630.

R. Ahmad, R. Wazirali, and T. Abu-Ain, “Machine Learning for Wireless Sensor Networks Security: An Overview of Challenges and Issues,” Sensors, vol. 22, no. 13, p. 4730, Jun. 2022, doi: 10.3390/s22134730.

A. Mehta, J. K. Sandhu, and L. Sapra, “Machine Learning in Wireless Sensor Networks: A Retrospective,” 2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC), pp. 328-331, Nov. 2020, doi: 10.1109/pdgc50313.2020.9315767.

S. H. Haji and S. Y. Ameen, “Attack and Anomaly Detection in IoT Networks using Machine Learning Techniques: A Review,” Asian Journal of Research in Computer Science, pp. 30–46, Jun. 2021, doi: 10.9734/ajrcos/2021/v9i230218.

M. Mamdouh, M. A. I. Elrukhsi, and A. Khattab, “Securing the Internet of Things and Wireless Sensor Networks via Machine Learning: A Survey,” 2018 International Conference on Computer and Applications (ICCA), pp. 215-218, Aug. 2018, doi: 10.1109/comapp.2018.8460440.

S. Ismail, D. W. Dawoud, and H. Reza, “Securing Wireless Sensor Networks Using Machine Learning and Blockchain: A Review,” Future Internet, vol. 15, no. 6, p. 200, May 2023, doi: 10.3390/fi15060200

M. Alqahtani, H. Mathkour, and M. M. Ben Ismail, “IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection,” Sensors, vol. 20, no. 21, p. 6336, Nov. 2020, doi: 10.3390/s20216336.

R. Hallman, J. Bryan, G. Palavicini, J. Divita, and J. Romero-Mariona, “IoDDoS—The Internet of Distributed Denial of Sevice Attacks - A Case Study of the Mirai Malware and IoT-Based Botnets,” Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security, pp. 47-58, 2017, doi: 10.5220/0006246600470058.

M. Gelgi, Y. Guan, S. Arunachala, M. Samba Siva Rao, and N. Dragoni, “A systematic literature review on DDOS attacks on IoT botnets and evaluation of detection methods,” Sensors, vol. 24, no. 11, p. 3571, Jun. 2024, doi: 10.3390/s24113571.

P. Victor, A. H. Lashkari, R. Lu, T. Sasi, P. Xiong, and S. Iqbal, “IoT malware: Attribute-based taxonomy, detection mechanisms, and challenges,” Peer-to-Peer Networking and Applications, vol. 16, no. 3, pp. 1380-1431, May 2023, doi: 10.1007/s12083-023-01478-w.

C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and Other Botnets,” Computer, vol. 50, no. 7, pp. 80–84, 2017, doi: 10.1109/mc.2017.201.

Monthly number of IoT attacks global 2022| Statista: Available: https://www.statista.com/statistics/1322216/worldwide-internet-of-things-attacks/

F. Louati, F. B. Ktata, and I. Amous, “Enhancing Intrusion Detection Systems with Reinforcement Learning: A Comprehensive Survey of RL-based Approaches and Techniques,” SN Computer Science, vol. 5, no. 6, Jun. 2024, doi: 10.1007/s42979-024-03001-1.41.

T. Chen and C. Guestrin, “XGBoost,” Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Aug. 2016, doi: 10.1145/2939672.2939785.

T. Kim, L. F. Vecchietti, K. Choi, S. Lee, and D. Har, “Machine Learning for Advanced Wireless Sensor Networks: A Review,” IEEE Sensors Journal, vol. 21, no. 11, pp. 12379–12397, Jun. 2021, doi: 10.1109/jsen.2020.3035846.

S. Bhattacharya et al., “A Novel PCA-Firefly Based XGBoost Classification Model for Intrusion Detection in Networks Using GPU,” Electronics, vol. 9, no. 2, p. 219, Jan. 2020, doi: 10.3390/electronics9020219.

M. Al-kasassbeh, M. A. Abbadi, and A. M. Al-Bustanji, “LightGBM Algorithm for Malware Detection,” Intelligent Computing, pp. 391–403, 2020, doi: 10.1007/978-3-030-52243-8_28.

M. Massaoudi, S. S. Refaat, I. Chihi, M. Trabelsi, F. S. Oueslati, and H. Abu-Rub, “A novel stacked generalization ensemble-based hybrid LGBM-XGB-MLP model for Short-Term Load Forecasting,” Energy, vol. 214, p. 118874, Jan. 2021, doi: 10.1016/j.energy.2020.118874.

R. Bukhowah, A. Aljughaiman, and M. M. H. Rahman, “Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions,” Electronics, vol. 13, no. 6, p. 1031, Mar. 2024, doi: 10.3390/electronics13061031.

A. Parmar, R. Kataria, and V. Patel, “A review of Random Forest: An ensemble classifier,” International Conference on Intelligent Communication Technologies and the Internet of Things (ICICI), pp. 758-763, 2018, Dec. 2018, doi: 10.1007/978-3-030-03146-6_86.

V. G. Costa и C. E. Pedreira, “Recent advances in decision trees: an updated survey,” Artificial Intelligence Review, vol. 56, no. 5, pp. 4765-4800, Oct. 2022, doi: 10.1007/s10462-022-10275-5.

J. Su, S. He, and Y. Wu, “Features selection and prediction for IoT attacks,” High-Confidence Computing, vol. 2, no. 2, p. 100047, Jun. 2022, doi: 10.1016/j.hcc.2021.100047.

Kaggle, “N-BaIoT Dataset To Detect IoT Botnet Attacks,” Kaggle, 2023, https://www.kaggle.com/datasets/mkashifn/nbaiot-dataset (accessed on 2 December 2023).

Y. Meidan et al., “N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders,” IEEE Pervasive Computing, vol. 17, no. 3, pp. 12–22, Jul. 2018, doi: 10.1109/mprv.2018.03367731.

H. Tanveer, M. A. Adam, M. A. Khan, M. A. Ali, and A. Shakoor, “Analyzing the performance and effectiveness of machine learning algorithms such as Deep Learning, Decision Trees, or Support Vector Machines on different datasets and applications,” Asian Bulletin of Big Data Management, vol. 3, no. 2, pp. 126-136, Jan. 2024, doi: 10.62019/abbdm.v3i2.83.