Indonesian Journal of Electrical Engineering and Computer Science Vol. 38, No. 2, May 2025, pp. 1098~1105 ISSN: 2502-4752, DOI: 10.11591/ijeecs.v38.i2.pp1098-1105  1098 Journal homepage: http://ijeecs.iaescore.com A GRU-based approach for botnet detection using deep learning technique Suchetha G. 1 , Pushpalatha K. 2 1 Department of Information Science and Engineering, Sahyadri College of Engineering and Management, Visvesvaraya Technological University, Belagavi, India 2 Department of CSE (Artificial Intelligence and Machine Learning), Sahyadri College of Engineering and Management, Visvesvaraya Technological University, Belagavi, India Article Info ABSTRACT Article history: Received Jun 22, 2024 Revised Oct 29, 2024 Accepted Nov 11, 2024 The increasing volume of network traffic data exchanged among interconnected devices on the internet of things (IoT) poses a significant challenge for conventional intrusion detection systems (IDS), especially in the face of evolving and unpredictable security threats. It is crucial to develop adaptive and effective IDS for IoT to mitigate false alarms and ensure high detection accuracy, particularly with the surge in botnet attacks. These attacks have the potential to turn seemingly harmless devices into zombies, generating malicious traffic that disrupts network operations. This paper introduces a novel approach to IoT intrusion detection, leveraging machine learning techniques and the extensive UNSW-NB15 dataset. Our primary focus lies in designing, implementing, and evaluating machine learning (ML) models, including K-nearest neighbors (KNN), random forest (RF), long short-term memory (LSTM), and gated recurrent unit (GRU), against prevalent botnet attacks. The successful testing against prominent Bot- net attacks using a dedicated dataset further validates its potential for enhancing intrusion detection accuracy in dynamic and evolving IoT landscapes. Keywords: Botnet Gated recurrent unit K-nearest neighbors Long short-term memory Random forest SelectKBest This is an open access article under the CC BY-SA license. Corresponding Author: Suchetha G. Department of Information Science and Engineering, Sahyadri College of Engineering and Management Visvesvaraya Technological University Belagavi-590018, India Email: suchethag87@gmail.com 1. INTRODUCTION The rise of botnets poses one of the most significant challenges to cybersecurity, especially within the rapidly expanding internet of things (IoT) ecosystem [1]. These networks of compromised devices enable a wide range of cybercrimes, including distributed denial of service (DDoS) attacks, data breaches, and spam campaigns. Traditional cybersecurity measures have proven insufficient, especially given the volume and diversity of IoT devices, many of which have limited security, making them prime targets for botnet infections. In response to these challenges, the cybersecurity community has increasingly adopted machine learning (ML) and deep learning (DL) techniques, such as K-nearest neighbors (KNN), random forest (RF) [2], long short- term memory (LSTM) [3], and gated recurrent unit (GRU). While these models show potential, they face significant limitations. Traditional ML models often struggle with the variability of IoT network traffic, leading to reduced accuracy. Meanwhile, existing DL models, though powerful, require substantial computational resources, making them less feasible for real-time applications in resource-constrained IoT environments [4]. Improving feature selection is crucial for enhancing model performance. Addressing these challenges is essential for advancing botnet detection systems. This research aims to close these gaps by developing a