The rapid advancement and widespread adoption of internet technologies have led to a surge in cyber attacks, with botnet attacks emerging as particularly detrimental. Identifying botnet activities is increasingly challenging due to the diverse attack vectors and the evolving nature of malware. As the Internet of Things (IoT) continues to expand, network devices become more vulnerable to these sophisticated attacks, resulting in significant security breaches and financial losses. To address this, we propose a hybrid machine learning model for effective botnet detection in IoT environments, leveraging a novel stacking approach that integrates Artificial Neural Networks (ANN), Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM) networks, and Recurrent Neural Networks (RNN) into a cohesive system referred to as ACLR. Our model is evaluated against individual models and demonstrates superior performance with a testing accuracy of 96.98%. Additionally, it achieves a K-fold cross-validation accuracy of 97.49% with optimal robustness and generalizability observed at k = 5. The ACLR model excels in detecting botnets, evidenced by a high Receiver Operating Characteristic Area Under the Curve (ROC-AUC) score of 0.9934 and a Precision-Recall Area Under the Curve (PR-AUC) score of 0.9950. Comparative analysis with existing state-of-the-art techniques highlights the effectiveness of the ACLR model in capturing the complex patterns of botnet activities, thereby offering a promising solution for enhancing cybersecurity measures in IoT environments.

Keywords:   Botnet Detection,Hybrid Machine Learning,Artificial Neural Networks (ANN),Convolutional Neural Networks (CNN),Long Short-Term Memory (LSTM),Recurrent,Neural Networks (RNN),Internet of Things (IoT),Cybersecurity,Receiver,Operating Characteristic (ROC) Curve,Precision-Recall (PR) Curve