
Graduate student: Cut Alna Fadhilla
Thesis title: Derive a Lightweight Botnet Attack Detection Model for AIoT Deployment
Advisor: Rafael Kaliski
Oral defense committee: Shan-Hsiang Shen, Shin-Ming Cheng (鄭欣明)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science and Information Engineering
Year of publication: 2022
Academic year of graduation: 110
Language: English
Number of pages: 99
Keywords: NIDS, Attack Detection, Proxy Server
  • The development of technology is driving growing use of the Internet of Things (IoT), especially in everyday settings such as smart homes and cities, healthcare systems, and cyber-physical systems. Consequently, IoT security has become one of the challenging topics in this field. Building a secure information system for all communities is a difficult goal because of the many forms an attack can take. Various types of existing cyber-attack handlers try to protect the network and network resources against the array of threats they may face. Network Intrusion Detection Systems (NIDS) are an implementation of device borders within network security. This study analyzes the performance of a derived lightweight botnet attack detection model on AIoT equipment by deploying a new ensemble approach, and evaluates the capability of a single-board device to handle the attack problem. The most recent dataset, IoT Aposemat 23, published in 2020 and covering IoT traffic and network traffic monitoring, is used to benchmark the capability of the ensemble methodology. The simulation results indicate that the ensemble model recognizes and classifies malicious instances and performs as well as the most popular single-model machine learning methods. The experimental evaluation of the implementation on the edge device gives an accuracy of 83.9%, which is comparable to the performance of a pre-trained model.

    RECOMMENDATION LETTER; QUALIFICATION LETTER; ABSTRACT (CHINESE); ABSTRACT; ACKNOWLEDGEMENTS; TABLE OF CONTENT; LIST OF TABLES; INTRODUCTION; LITERATURE REVIEW; METHODOLOGIES; SIMULATION AND RESULT; DISCUSSION AND CONCLUSION; REFERENCES; APPENDIX A: DISSIMILARITY OF FEATURES

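    Full-text release date: 2032/02/08 (campus network)
    Full-text release date: 2032/02/08 (off-campus network)
    Full-text release date: 2032/02/08 (National Central Library: Taiwan theses and dissertations system)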