Classifying IoT Botnet Attacks With Kolmogorov-Arnold Networks: A Comparative Analysis of Architectural Variations

Classifying IoT Botnet Attacks With Kolmogorov-Arnold Networks: A Comparative Analysis of Architectural Variations

The rapid expansion of devices on the Internet of Things (IoTs) has led to a significant rise in IoT botnet attacks, creating an urgent need for advanced detection and classification methods. This study aims to evaluate the effectiveness of Kolmogorov-Arnold Networks (KANs) and their architectural v...

Full description

Saved in:
Bibliographic Details
Main Authors: Phuc Hao do, Tran Duc Le, Truong Duy Dinh, van Dai Pham
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Cybersecurity
IoT botnet detection
Kolmogorov-Arnold networks
network intrusion detection
Online Access:https://ieeexplore.ieee.org/document/10839389/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The rapid expansion of devices on the Internet of Things (IoTs) has led to a significant rise in IoT botnet attacks, creating an urgent need for advanced detection and classification methods. This study aims to evaluate the effectiveness of Kolmogorov-Arnold Networks (KANs) and their architectural variations in classifying IoT botnet attacks, comparing their performance with traditional machine learning and deep learning models. We conducted a comparative analysis of five KAN architectures, including Original-KAN, Fast-KAN, Jacobi-KAN, Deep-KAN, and Chebyshev-KAN, against models like Multi-Layer Perceptron (MLP), Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM) networks, and Gated Recurrent Units (GRU). The evaluation was performed on three IoT botnet datasets: N-BaIoT, IoT23, and IoT-BotNet, using metrics such as accuracy, precision, recall, F1-score, training time, and model complexity. KAN variants consistently demonstrated robust performance, often exceeding traditional ML and DL models in accuracy and stability across all datasets. The Original-KAN variant, in particular, excelled in capturing complex, non-linear patterns inherent in IoT botnet traffic, achieving higher accuracy and faster convergence rates. Variations such as Fast-KAN and Deep-KAN offered favorable trade-offs between computational efficiency and modeling capacity, making them suitable for real-time and resource-constrained IoT environments. Kolmogorov-Arnold Networks prove to be highly effective for IoT botnet classification, outperforming conventional models and offering significant advantages in adaptability and accuracy. The integration of KAN-based models into existing cybersecurity frameworks can enhance the detection and mitigation of sophisticated botnet threats, thus contributing to more resilient and secure IoT ecosystems.
ISSN:2169-3536

Similar Items