Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset

Future Generation Computer Systems - Volume 100 - Pages 779-796 - 2019
Nickolaos Koroniotis1, Nour Moustafa1, Elena Sitnikova1, Benjamin Turnbull1
1School of Engineering and Information Technology, UNSW Canberra Cyber, University of New South Wales Canberra, Australia

Abstract

Keywords

