An opcode-based technique for polymorphic Internet of Things malware detection

Cited by: 57
Authors
Darabian, Hamid [1]
Dehghantanha, Ali [2]
Hashemi, Sattar [1]
Homayoun, Sajad [3]
Choo, Kim-Kwang Raymond [4]
Affiliations
[1] Shiraz Univ, Dept Comp Engn, Shiraz, Iran
[2] Univ Guelph, Sch Comp Sci, Guelph, ON, Canada
[3] Shiraz Univ Technol, Dept Comp Engn & Informat Technol, Shiraz, Iran
[4] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
Source
Keywords
IoT malware; IoT security; malware detection; polymorphic malware; CHALLENGES; FORENSICS; SECURITY;
DOI
10.1002/cpe.5173
Chinese Library Classification number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
The increasing popularity of Internet of Things (IoT) devices makes them an attractive target for malware authors. In this paper, we use a sequential pattern mining technique to detect the most frequent opcode sequences of malicious IoT applications. Detected maximal frequent patterns (MFPs) of opcode sequences can be used to differentiate malicious from benign IoT applications. We then evaluate the suitability of MFPs as a classification feature for K nearest neighbors (KNN), support vector machines (SVM), multilayer perceptron (MLP), AdaBoost, decision tree, and random forest classifiers. Specifically, we achieve an accuracy rate of 99% in the detection of unseen IoT malware. We also demonstrate the utility of our approach in detecting polymorphed IoT malware samples.
Pages: 14
Related papers
50 in total
  • [1] Analysis and Comparison of Opcode-based Malware Detection Approaches
    Nar, Mert
    Kakisim, Arzu Gorgulu
    Carkaci, Necmettin
    Yavuz, Melek Nurten
    Sogukpinar, Ibrahim
    2018 3RD INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND ENGINEERING (UBMK), 2018, : 498 - 503
  • [2] An Opcode-Based Malware Detection Model Using Supervised Learning Algorithms
    Samantray, Om Prakash
    Tripathy, Satya Narayan
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY AND PRIVACY, 2021, 15 (04) : 18 - 30
  • [3] Deep learning-aided runtime opcode-based Windows malware detection
    Enes Sinan Parildi
    Dimitrios Hatzinakos
    Yuri Lawryshyn
    Neural Computing and Applications, 2021, 33 : 11963 - 11983
  • [4] Deep learning-aided runtime opcode-based Windows malware detection
    Parildi, Enes Sinan
    Hatzinakos, Dimitrios
    Lawryshyn, Yuri
    NEURAL COMPUTING & APPLICATIONS, 2021, 33 (18): : 11963 - 11983
  • [5] An Opcode-Based Vulnerability Detection of Smart Contracts
    Sui, Jia
    Chu, Lili
    Bao, Han
    APPLIED SCIENCES-BASEL, 2023, 13 (13):
  • [6] A malware variants detection methodology with an opcode-based feature learning method and a fast density-based clustering algorithm
    Yin, Hui
    Zhang, Jixin
    Qin, Zheng
    INTERNATIONAL JOURNAL OF COMPUTATIONAL SCIENCE AND ENGINEERING, 2020, 21 (01) : 19 - 29
  • [7] Malware Detection Based On Opcode Frequency
    Yewale, Abhijit
    Singh, Maninder
    PROCEEDINGS OF 2016 INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION CONTROL AND COMPUTING TECHNOLOGIES (ICACCCT), 2016, : 646 - 649
  • [8] IoT Malware Detection Based on OPCODE Purification
    Gulatas, Ibrahim
    Kilinc, Haci Hakan
    Aydin, Muhammed Ali
    Zaim, Abdul Halim
    ELECTRICA, 2023, 23 (03): : 634 - 642
  • [9] Malware Detection Based on Opcode Sequence and ResNet
    Zhang, Xuetao
    Sun, Meng
    Wang, Jiabao
    Wang, Jinshuang
    SECURITY WITH INTELLIGENT COMPUTING AND BIG-DATA SERVICES, 2020, 895 : 489 - 502
  • [10] Data Augmentation for Opcode Sequence Based Malware Detection
    McLaughlin, Niall
    del Rincon, Jesus Martinez
    2022 CYBER RESEARCH CONFERENCE - IRELAND (CYBER-RCI), 2022, : 28 - 35