Enhancing Network Forensics with Particle Swarm and Deep Learning: The Particle Deep Framework


Nickolaos Koroniotis and Nour Moustafa, University of New South Wales Canberra, Australia


The popularity of IoT smart things is rising, due to the automation they provide and its effects on productivity. However, it has been proven that IoT devices are vulnerable to both well established and new IoT-specific attack vectors. In this paper, we propose the Particle Deep Framework, a new network forensic framework for IoT networks that utilised Particle Swarm Optimisation to tune the hyperparameters of a deep MLP model and improve its performance. The PDF is trained and validated using Bot-IoT dataset, a contemporary network-traffic dataset that combines normal IoT and non-IoT traffic, with well known botnet-related attacks. Through experimentation, we show that the performance of a deep MLP model is vastly improved, achieving an accuracy of 99.9% and false alarm rate of close to 0%.


Network forensics, Particle swarm optimization, Deep Learning, IoT, Botnets

Full Text  Volume 10, Number 3