University of Edinburgh Featured PhD Programmes
Health Data Research UK Featured PhD Programmes
Life Science Zurich Graduate School Featured PhD Programmes

Deep Learning based Network Forensic Methods for Investigating Botnets in the IoT (Application Ref: SF19/EE/CIS/ASLAM)

Faculty of Engineering and Environment

This project is no longer listed on and may not be available.

Click here to search for PhD studentship opportunities
Dr N Aslam , Dr B Issac Applications accepted all year round Self-Funded PhD Students Only

About the Project

The process of designing IoT protocols and sensors and the lack of standards are the main reasons why the IoT is an easy target for botnets. Network Forensics is the branch of Digital Forensics, where the evidence is network-related and exist in the form of logs, packets and network flows. Popular methods of investigating botnets include Honeypot, Network flow analysis, Intrusion detection systems, Visualization of Network traffic, Deep Packet Analysis etc. Multiple deep learning solutions have been proposed for application in the field of Network Forensics in recent years. Niyaz et al. (2016) used stacked auto-encoders in their implementation of a DDoS detection system for software defined networks. The multiple auto-encoders were greedily trained layer-by-layer, with the output of one layer being the input of the next. Then the entire network was fine-tuned as a classifier. Reported accuracy for distinguishing between normal and attack traffic was 99.82%, outperforming other classification methods such as shallow NN, while individual types of DDoS attacks were identified with an accuracy of 95.65%. Lotfollahi et al. (2017) used a combination of a one-dimensional CNN and stacked auto-encoders for automatic feature extraction and classification of network traffic, achieving both application identification and traffic characterization in either encrypted or unencrypted traffic.
This project will explore the use of Recurrent Neural Network (RNN), Convolutional Neural Networks (CNN), Deep Auto Encoder (DAE), Deep Boltzman Machine (DBM) and Deep Belief Network (DBN), alongside some of the network forensics methods, whereby botnets in IoT can be effectively mitigated. For example, some ways of enhancing Honeypot implementations might include, making them more resilient against anti-forensics mechanisms, increasing the number of supported protocols thus increasing the range of mimicked IoT devices and handling the massive quantities of incoming traffic which could be generated by an IoT Botnet (N. Koroniotis et al., 2019)

This project is supervised by Dr Nauman Aslam.

Eligibility and How to Apply:

Please note eligibility requirement:
• Academic excellence of the proposed student i.e. 2:1 (or equivalent GPA from non-UK universities [preference for 1st class honours]); or a Masters (preference for Merit or above); or APEL evidence of substantial practitioner achievement.
• Appropriate IELTS score, if required.

For further details of how to apply, entry requirements and the application form, see

Please note: Applications that do not include a research proposal of approximately 1,000 words (not a copy of the advert), or that do not include the advert reference (e.g. SF19/EE/CIS/ASLAM) will not be considered.

Start Date: 1 March 2020 or 1 October 2020

Northumbria University takes pride in, and values, the quality and diversity of our staff. We welcome applications from all members of the community. The University holds an Athena SWAN Bronze award in recognition of our commitment to improving employment practices for the advancement of gender equality and is a member of the Euraxess network, which delivers information and support to professional researchers.

Funding Notes

This is an unfunded research project.


Sami Smadi, N Aslam, L. Zhang, (2018). "Detection of online phishing email using dynamic evolving neural network based on reinforcement learning”, Elsevier Decision Support Systems, Vol 107, pages 88 – 102, March 2018.

M. Aluthaman, N Aslam, L. Zhang and R. Aslem, (2017). "A P2P Botnet Detection Scheme based on Decision Tree and Adaptive Multi-layer Neural Networks”, Journal of Neural Computing and Applications, 2017

S Doswell, D Kendall, N Aslam, G Sexton, (2015). “A longitudinal approach to measuring the impact of mobility on low-latency anonymity networks” International Wireless Communications and Mobile Computing Conference (IWCMC), Croatia, 2015

Stephen Doswell, Nauman Aslam, David Kendall and Graham Sexton, (2013)."Please slow down! The impact on Tor performance from mobility", 3rd Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), in conjunction with the 20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 4-8, 2013

A Moh’d, N Aslam, W Phillips and W Robertson (2013). “A dual-mode energy efficient encryption protocol for wireless sensor networks” Elsevier Ad hoc Networks, Volume 11, Issue 8, November 2013, Pages 2588–2604

Barraclough, P. A., Hossain M. A., Tahir M., and Aslam, N., (2013). “Intelligent phishing detection and protection scheme for online transactions”, Elsevier Science Expert Systems with Applications, 40 (2013) 4697–4706, 2013

Sharma, R., Issac, B. & K., Kalita, H. R. (2019). Intrusion Detection and Response System Inspired by the Defense Mechanism of Plants, IEEE Access, IEEE, ISSN 2169-3536, vol. 7, 52427-52439.

Sharma, R. K., Kalita, H. R. & Issac, B. (2018). Are Machine Learning Based Intrusion Detection System Always Secure? An Insight Into Tampered Learning, Journal of Intelligent and Fuzzy Systems, IOS Press, ISSN 1064-1246, 35(3), pp. 3635-3651.

Shah, S. A. R., Issac, B. & Jacob, S. M. (2018). Intelligent Intrusion Detection System through Combined and Optimized Machine Learning, International Journal of Computational Intelligence and Applications (IJCIA), Imperial College Press (World Scientific Europe), ISSN 1469-0268, 17(2), 17 pages.
Search Suggestions

Search Suggestions

Based on your current searches we recommend the following search filters.

FindAPhD. Copyright 2005-2020
All rights reserved.