Date of Award

Summer 8-23-2025

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Cyberspace Engineering

First Advisor

Pradeep Chowriappa

Abstract

The Industrial Internet of Things (IIoT) and Internet of Medical Things (IoMT) are revolutionizing critical infrastructures, but their expansion has also introduced severe cybersecurity vulnerabilities. Traditional IoT Bot Detection Systems (IBDS) struggle to scale in environments characterized by high-dimensional, large-scale, and redundant network traffic. These challenges hinder the development of reliable cloud-based intrusion detection systems. The limitations of static and rule-based methods in detecting evolving IoT botnet attacks—such as those launched by Mirai and Gafgyt—underscore the need for intelligent, adaptive approaches. To address this, the present study proposes a machine learning and deep learning-driven IoT Botnet Detection Model, validated through both Hold-out and 5-fold Cross Validation techniques. The study emphasizes optimized feature selection using statistical methods like SelectKBest and correlation-based filtering to eliminate irrelevant attributes and improve model performance. The proposed model is trained and evaluated using the UCI N_BaIoT dataset—renowned for its diversity of IoT bot attacks—and further benchmarked against other leading datasets (Bot-IoT, IoT-23) to test its generalizability. Experimental results demonstrate that the model significantly outperforms three state-of-the-art detection methods across multiple evaluation metrics. In particular, the use of deep learning architectures, such as CNN and LSTM, leads to high detection accuracy while preserving computational efficiency. Feature selection not only enhances interpretability but also reduces training overhead, and SMOTE effectively addresses class imbalance. This work establishes a foundation for robust, real-time, and scalable botnet detection in IIoT environments. Future efforts should focus on enhancing adversarial robustness, deploying on edge devices, and incorporating blockchain for decentralized logging and regulatory compliance.
