Enhancing Network Forensics with Particle Swarm and Deep Learning: The Particle Deep Framework presented at CNSA 2020

by Nickolaos Moustafa,

Summary: With more than 7 billion devices deployed in 2018 and double that number in 2019, smart IoT things are becoming ever more popular, as they provide automated services that improve performance and productivity while reducing operating costs. However, IoT devices have been shown to be vulnerable to both well-established and new IoT-specific attack vectors. In this paper, we propose the Particle Deep Framework (PDF), a new network forensic framework for IoT networks that utilises Particle Swarm Optimisation to tune the hyperparameters of a deep MLP model and improve its performance. The PDF is trained and validated using the Bot-IoT dataset, a contemporary network-traffic dataset that combines normal IoT and non-IoT traffic with well-known botnet-related attacks. Through experimentation, we show that the performance of a deep MLP model is vastly improved, achieving an accuracy of 99.9% and a false alarm rate of close to 0%.