Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets
Abstract The proliferation of Internet of Things (IoT) devices has created unprecedented cybersecurity vulnerabilities, with botnets emerging as a critical threat to network infrastructure. This study focuses on traditional machine learning and deep learning approaches, proposes a novel ensemble fra...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-08-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-16553-w |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849226254898692096 |
|---|---|
| author | Saeed Ullah Junsheng Wu Zhijun Lin Mian Muhammad Kamal Hala Mostafa Muhammad Sheraz Teong Chee Chuah |
| author_facet | Saeed Ullah Junsheng Wu Zhijun Lin Mian Muhammad Kamal Hala Mostafa Muhammad Sheraz Teong Chee Chuah |
| author_sort | Saeed Ullah |
| collection | DOAJ |
| description | Abstract The proliferation of Internet of Things (IoT) devices has created unprecedented cybersecurity vulnerabilities, with botnets emerging as a critical threat to network infrastructure. This study focuses on traditional machine learning and deep learning approaches, proposes a novel ensemble framework to address these issues, integrating Convolutional Neural Network (CNN), Bidirectional Long Short-Term Memory (BiLSTM), Random Forest (RF), and Logistic Regression (LR) via a weighted soft-voting mechanism. Our approach introduces a Quantile Uniform transformation to reduce feature skewness, a multi-layered feature selection method to enhance discriminative power, an individual performance of deep learning–traditional machine learning and a hybrid models (ensemble models) for robust detection. Evaluated on BOT-IOT, CICIOT2023, and IOT23 datasets, the framework achieves 100% accuracy on BOT-IOT, 99.2% on CICIOT2023, and 91.5% on IOT23, outperforming state-of-the-art models by up to 6.2%. These contributions advance IoT security by enabling scalable, high-performance detection adaptable to diverse network scenarios, with practical optimizations for real-world deployment. |
| format | Article |
| id | doaj-art-0c630eba89164a24b0bd16219f09d6ff |
| institution | Kabale University |
| issn | 2045-2322 |
| language | English |
| publishDate | 2025-08-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj-art-0c630eba89164a24b0bd16219f09d6ff2025-08-24T11:27:57ZengNature PortfolioScientific Reports2045-23222025-08-0115113110.1038/s41598-025-16553-wComparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasetsSaeed Ullah0Junsheng Wu1Zhijun Lin2Mian Muhammad Kamal3Hala Mostafa4Muhammad Sheraz5Teong Chee Chuah6School of Software, Northwestern Polytechnical UniversitySchool of Software, Northwestern Polytechnical UniversitySchool of Computer Science, Northwestern Polytechnical UniversitySchool of Electronics and Communication Engineering, Quanzhou University of Information EngineeringDepartment of Information Technology, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman UniversityCentre for Smart Systems and Automation, CoE for Robotics and Sensing Technologies, Faculty of Artificial Intelligence and Engineering, Multimedia UniversityCentre for Smart Systems and Automation, CoE for Robotics and Sensing Technologies, Faculty of Artificial Intelligence and Engineering, Multimedia UniversityAbstract The proliferation of Internet of Things (IoT) devices has created unprecedented cybersecurity vulnerabilities, with botnets emerging as a critical threat to network infrastructure. This study focuses on traditional machine learning and deep learning approaches, proposes a novel ensemble framework to address these issues, integrating Convolutional Neural Network (CNN), Bidirectional Long Short-Term Memory (BiLSTM), Random Forest (RF), and Logistic Regression (LR) via a weighted soft-voting mechanism. Our approach introduces a Quantile Uniform transformation to reduce feature skewness, a multi-layered feature selection method to enhance discriminative power, an individual performance of deep learning–traditional machine learning and a hybrid models (ensemble models) for robust detection. Evaluated on BOT-IOT, CICIOT2023, and IOT23 datasets, the framework achieves 100% accuracy on BOT-IOT, 99.2% on CICIOT2023, and 91.5% on IOT23, outperforming state-of-the-art models by up to 6.2%. These contributions advance IoT security by enabling scalable, high-performance detection adaptable to diverse network scenarios, with practical optimizations for real-world deployment.https://doi.org/10.1038/s41598-025-16553-wIoTCyber-attacksBotnetDeep learningTraditional machine learningSMOTE |
| spellingShingle | Saeed Ullah Junsheng Wu Zhijun Lin Mian Muhammad Kamal Hala Mostafa Muhammad Sheraz Teong Chee Chuah Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets Scientific Reports IoT Cyber-attacks Botnet Deep learning Traditional machine learning SMOTE |
| title | Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets |
| title_full | Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets |
| title_fullStr | Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets |
| title_full_unstemmed | Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets |
| title_short | Comparative analysis of deep learning and traditional methods for IoT botnet detection using a multi-model framework across diverse datasets |
| title_sort | comparative analysis of deep learning and traditional methods for iot botnet detection using a multi model framework across diverse datasets |
| topic | IoT Cyber-attacks Botnet Deep learning Traditional machine learning SMOTE |
| url | https://doi.org/10.1038/s41598-025-16553-w |
| work_keys_str_mv | AT saeedullah comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets AT junshengwu comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets AT zhijunlin comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets AT mianmuhammadkamal comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets AT halamostafa comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets AT muhammadsheraz comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets AT teongcheechuah comparativeanalysisofdeeplearningandtraditionalmethodsforiotbotnetdetectionusingamultimodelframeworkacrossdiversedatasets |