Systematic Literature Review of IoT Botnet DDOS Attacks and Evaluation of Detection Techniques

2024 | Metehan Gelgi, Yueting Guan, Sanjay Arunachala, Maddi Samba Siva Rao, and Nicola Dragoni
This paper provides a comprehensive systematic literature review of IoT botnet DDoS attacks and evaluation of detection techniques. The authors, Metehan Gelgi, Yueting Guan, Sanjay Arunachala, Maddi Samba Siva Rao, and Nicola Dragoni, from DTU Compute, Technical University of Denmark, aim to understand the architecture of these botnets, evaluate the methodologies used in such attacks, and review the detection techniques proposed in recent literature. The paper highlights the vulnerabilities inherent in IoT devices, assesses the effectiveness of current detection strategies, and identifies areas that need further research and development to strengthen IoT security against DDoS attacks.

The introduction discusses the increasing frequency and intensity of DDoS attacks, particularly those targeting IoT devices, and the growing trend of exploiting IoT vulnerabilities for botnet activities. The paper outlines the contributions of this review, which include a focus on various DDoS attacks of IoT botnets and detailed architecture of botnet attacks.

The methodology section details the systematic literature review strategy, including research questions, search strategy, and study selection process. The authors explain how they identified and selected relevant papers to address the research questions.

The paper then delves into the architecture of IoT botnets, describing the different types of botnet architectures (star topology, multiple-server, hierarchical, and random topology) and the key components of IoT botnet architecture (infected devices, command-and-control servers, and propagation mechanisms). It also provides an overview of the evolution of IoT botnets, highlighting significant events and developments from the early days of botnets to the more sophisticated and evasive botnets of today.

The detection techniques section is divided into host-based and network-based detection techniques. Host-based detection techniques focus on analyzing the behavior of IoT devices to detect anomalies, while network-based detection techniques involve monitoring and analyzing traffic patterns within IoT networks. The paper discusses various methods, including static and dynamic analysis, honeypot-based solutions, SIEM systems, SDN-based detection, and DNS-based detection.

The paper concludes by summarizing the main findings and open research questions, emphasizing the need for enhanced security measures in IoT devices to mitigate the risk of DDoS attacks. It also highlights the potential of machine learning and deep learning models in improving detection capabilities.