MBB-IoT:Construction and Evaluation of IoT DDoS Traffic Dataset from a New Perspective

作     者：Yi Qing Xiangyu Liu Yanhui Du 

作者机构：Department of Artificial IntelligencePeople’s Public Security University of ChinaBeijing100038China Department of CybersecurityPeople’s Public Security University of ChinaBeijing100038China 

出 版 物：《Computers, Materials & Continua》 (计算机、材料和连续体（英文）)

年 卷 期：2023年第76卷第8期

页      面：2095-2119页

核心收录：

学科分类：12[管理学] 1201[管理学-管理科学与工程(可授管理学、工学学位)] 08[工学] 081201[工学-计算机系统结构] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Intrusion detection IoT malware botnet DDoS dataset 

摘      要：Distributed Denial of Service(DDoS)attacks have always been a major concern in the security *** the release of malware source codes such as BASHLITE and Mirai,Internet of Things(IoT)devices have become the new source of DDoS attacks against many Internet *** there are many datasets in the field of IoT intrusion detection,such as Bot-IoT,ConstrainedApplication Protocol–Denial of Service(CoAPDoS),and LATAM-DDoS-IoT(some of the names of DDoS datasets),which mainly focus on DDoS attacks,the datasets describing new IoT DDoS attack scenarios are extremely rare,and only N-BaIoT and IoT-23 datasets used IoT devices as DDoS attackers in the construction process,while they did not use Internet applications as victims *** supplement the description of the new trend of DDoS attacks in the dataset,we built an IoT environment with mainstream DDoS attack tools such as Mirai and BASHLITE being used to infect IoT devices and implement DDoS attacks against WEB ***,data aggregated into a dataset namedMBB-IoTwere captured atWEBservers and IoT *** the MBB-IoT dataset was split into a training set and a test set,it was applied to the training and testing of the Random Forests classification *** multi-class classification metrics were good and all above 90%.Secondly,in a cross-evaluation experiment based on Support Vector Machine(SVM),Light Gradient Boosting Machine(LightGBM),and Long Short Term Memory networks(LSTM)classification algorithms,the training set and test set were derived from different datasets(MBB-IoT or IoT-23),and the test performance is better when MBB-IoT is used as the training set.