With the rapidly spreading usage of Internet of Things (IoT) devices, a network intrusion detection system (NIDS) plays an important role in detecting and protecting various types of attacks in the IoT network. To evaluate the robustness of the NIDS in the IoT network, the existing work proposed a realistic botnet dataset in the IoT network (Bot-IoT dataset) and applied it to machine learning-based anomaly detection. This dataset contains imbalanced normal and attack packets because the number of normal packets is much smaller than that of attack ones. The nature of imbalanced data may make it difficult to identify the minority class correctly. In this thesis, to address the class imbalance problem in the Bot-IoT dataset, we propose a binary classification method with synthetic minority over-sampling techniques (SMOTE). The proposed classifier aims to detect attack packets and overcome the class imbalance problem using the SMOTE algorithm. Through numerical results, we demonstrate the proposed classifier's fundamental characteristics and the impact of imbalanced data on its performance.

翻译：随着物联网设备的迅速普及，网络入侵检测系统在检测和保护物联网网络中的各类攻击中发挥着重要作用。为了评估物联网网络中入侵检测系统的鲁棒性，现有研究提出了一个真实的物联网网络僵尸网络数据集（Bot-IoT 数据集），并将其应用于基于机器学习的异常检测。该数据集中正常数据包与攻击数据包的数量不均衡，因为正常数据包的数量远少于攻击数据包。这种数据不平衡的特性可能导致难以正确识别少数类。本文针对 Bot-IoT 数据集中的类别不平衡问题，提出了一种结合合成少数类过采样技术的二分类方法。所提出的分类器旨在利用 SMOTE 算法检测攻击数据包并克服类别不平衡问题。通过数值结果，我们展示了所提出分类器的基本特征以及不平衡数据对其性能的影响。