Machine Learning–Based IoT Botnet Detection: Techniques, Challenges, and Future Research Directions: A Comprehensive Review

Authors

  • Cabdiraxmaan Cabdinuur Faarax, Dr. Gagan Sharma

Keywords:

IoT Security, Botnet Detection, Machine Learning, Deep Learning, Intrusion Detection Systems, Cybersecurity, Network Traffic Analysis

Abstract

The rapid proliferation of Internet of Things (IoT) devices has enlarged the attack surface of modern networks, leaving IoT environments more exposed to botnet-based cyber-attacks such as DDoS, scanning, and malware spread. Conventional security measures often fall short because IoT deployments are highly diverse, highly resource-constrained, and large in scale. Machine learning (ML) and deep learning (DL) have therefore been put forward as promising mechanisms for botnet detection in IoT. This review examines recent ML methods, spanning supervised, unsupervised, semi-supervised, and hybrid models, that have been applied to IoT botnet detection and analysis. Random Forest, Support Vector Machine, ensemble, CNN, RNN, and Planning Systems approaches are discussed critically in terms of detection efficiency, false alarm rate, and computational complexity. The paper also explores newer paradigms such as explainable artificial intelligence, federated learning, and the integration of cyber threat intelligence to improve the adaptiveness and resilience of IoT systems. Although studies on benchmark datasets report detection accuracies greater than 95%, present approaches suffer from several shortcomings: class imbalance, lack of real-time deployment, high computational cost, nonexistent generalization to zero-day threats, and poor suitability for IoT devices. Through an extensive comparative analysis, a discussion of existing vulnerabilities, and a summary of research gaps, this study points toward building efficient, scalable, and adaptive IoT botnet detection frameworks.
The paper also discusses future research directions, stressing the design of lightweight models, real-time detection, generalization across multiple datasets, and coupled prevention and detection mechanisms for building resilient IoT cyber defenses.

How to Cite

Cabdiraxmaan Cabdinuur Faarax, Dr. Gagan Sharma. (2026). Machine Learning–Based IoT Botnet Detection: Techniques, Challenges, and Future Research Directions: A Comprehensive Review. International Journal of Research & Technology, 14(1), 367–382. Retrieved from https://ijrt.org/j/article/view/941
