An opcode-based technique for polymorphic Internet of Things malware detection

Cited by: 57

Authors
Darabian, Hamid [1 ]
Dehghantanha, Ali [2 ]
Hashemi, Sattar [1 ]
Homayoun, Sajad [3 ]
Choo, Kim-Kwang Raymond [4 ]
Affiliations
[1] Shiraz Univ, Dept Comp Engn, Shiraz, Iran
[2] Univ Guelph, Sch Comp Sci, Guelph, ON, Canada
[3] Shiraz Univ Technol, Dept Comp Engn & Informat Technol, Shiraz, Iran
[4] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
Keywords
IoT malware; IoT security; malware detection; polymorphic malware; CHALLENGES; FORENSICS; SECURITY;
DOI
10.1002/cpe.5173
Chinese Library Classification
TP31 [Computer software];
Discipline code
081202; 0835;
Abstract
The increasing popularity of Internet of Things (IoT) devices makes them an attractive target for malware authors. In this paper, we use a sequential pattern mining technique to detect the most frequent opcode sequences of malicious IoT applications. The detected maximal frequent patterns (MFPs) of opcode sequences can be used to differentiate malicious from benign IoT applications. We then evaluate the suitability of MFPs as classification features for K-nearest neighbors (KNN), support vector machine (SVM), multilayer perceptron (MLP), AdaBoost, decision tree, and random forest classifiers. Specifically, we achieve an accuracy rate of 99% in the detection of unseen IoT malware. We also demonstrate the utility of our approach in detecting polymorphed IoT malware samples.
Pages: 14
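The abstract describes the pipeline only at a high level: mine the opcode subsequences that recur across malicious samples, keep the maximal ones, and feed "does this sample contain pattern p" features to a classifier. The block below is an added illustration, not the authors' code, and it makes several simplifying assumptions: candidate patterns are contiguous opcode windows of length 2 to 5, support is counted with gapped (in-order) subsequence matching, patterns that are also common in benign traces are discarded, and the classifier is a Hamming-distance KNN. The opcode traces are constructed ARM-style mnemonic lists, not real binaries. The two polymorphic variants at the end show what gapped opcode patterns survive (junk-instruction insertion) and what they do not (substituting an equivalent instruction for one the pattern depends on).

```python
"""Added example (not the paper's code): mine maximal frequent opcode
patterns (MFPs) from labelled opcode traces, use them as classifier
features, and check which polymorphic transformations they survive.
All traces below are constructed for illustration, not real binaries."""
from collections import Counter

# Constructed ARM-style opcode traces, one list of mnemonics per sample.
MALICIOUS = [
    "push mov ldr cmp beq bl mov str pop".split(),
    "push mov ldr ldr cmp beq bl add str pop".split(),
    "push ldr cmp beq bl mov mov str pop".split(),
    "mov ldr cmp beq bl str pop".split(),
]
BENIGN = [
    "push mov add sub str pop".split(),
    "push ldr add mul str bx".split(),
    "mov add add sub str".split(),
    "push mov sub str bx".split(),
]


def contains(seq, pat):
    """True if pat occurs in seq as an ordered, possibly gapped, subsequence.
    Gapped matching is what lets junk instructions inserted by a polymorphic
    engine fall between the pattern's opcodes without breaking the match."""
    i = 0
    for op in seq:
        if op == pat[i]:
            i += 1
            if i == len(pat):
                return True
    return False


def support(pat, traces):
    """Fraction of traces that contain pat."""
    return sum(contains(t, pat) for t in traces) / len(traces)


def mine_mfp(pos, neg, min_support=1.0, max_neg_support=0.5, max_len=5):
    """Maximal frequent patterns of the positive class (assumed algorithm).
    Candidates are every contiguous opcode window of length 2..max_len seen
    in a positive trace; support is then counted with gapped containment.
    Patterns that are also common in the negative class carry no signal and
    are dropped. A frequent pattern is maximal if it is not a subsequence of
    a longer frequent pattern."""
    cands = set()
    for t in pos:
        for n in range(2, max_len + 1):
            for i in range(len(t) - n + 1):
                cands.add(tuple(t[i:i + n]))
    frequent = [p for p in cands
                if support(p, pos) >= min_support
                and support(p, neg) <= max_neg_support]
    maximal = [p for p in frequent
               if not any(len(q) > len(p) and contains(q, p) for q in frequent)]
    return sorted(maximal, key=lambda p: (-len(p), p))


def features(trace, mfps):
    """Binary feature vector: one entry per MFP, 1 if the trace contains it."""
    return [int(contains(trace, p)) for p in mfps]


def knn_predict(vec, train, k=3):
    """k-nearest-neighbours by Hamming distance over MFP feature vectors.
    train is a list of (feature_vector, label) pairs."""
    ranked = sorted(train, key=lambda fv: sum(a != b for a, b in zip(vec, fv[0])))
    votes = Counter(label for _, label in ranked[:k])
    return votes.most_common(1)[0][0]


def build_model():
    mfps = mine_mfp(MALICIOUS, BENIGN)
    train = [(features(t, mfps), "malicious") for t in MALICIOUS]
    train += [(features(t, mfps), "benign") for t in BENIGN]
    return mfps, train


def classify(trace, mfps, train):
    return knn_predict(features(trace, mfps), train)


if __name__ == "__main__":
    mfps, train = build_model()
    print("MFPs:", [" ".join(p) for p in mfps])
    # Constructed polymorphic variant: junk nops inserted into the first
    # malicious trace. Gapped matching still finds every MFP.
    junk = "push nop mov nop ldr cmp nop beq bl mov str nop pop".split()
    print("junk-inserted variant ->", classify(junk, mfps, train))
    # Constructed variant that swaps cmp for an equivalent instruction.
    # Opcode-level patterns do not survive instruction substitution, which
    # is the limit of this feature family.
    subst = "push mov ldr subs beq bl mov str pop".split()
    print("substituted variant   ->", classify(subst, mfps, train))
    unseen_benign = "push add mul sub str pop".split()
    print("unseen benign         ->", classify(unseen_benign, mfps, train))
```

On these constructed traces the miner keeps three MFPs (`cmp beq bl str pop`, `ldr cmp beq bl str`, `mov str pop`); the nop-padded variant still matches all three and is classified malicious, while the variant with `cmp` replaced loses two of them and is classified benign. A practitioner evaluating this feature family should therefore test against substitution-based polymorphism separately from insertion-based polymorphism, since a single accuracy figure on "polymorphed samples" does not distinguish the two.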
Related papers
50 in total; entries [21] to [30] shown
  • [21] Meta Opcode Space for Morphed Malware Detection
    Azhikoden, Athira
    Vinod, P.
    2015 11TH INTERNATIONAL CONFERENCE ON INNOVATIONS IN INFORMATION TECHNOLOGY (IIT), 2015, : 284 - 289
  • [22] HeuCrip: a malware detection approach for internet of battlefield things
    Shah, Imtiaz Ali
    Mehmood, Abid
    Khan, Abdul Nasir
    Elhadef, Mourad
    Khan, Atta ur Rehman
    CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2023, 26 (02): : 977 - 992
  • [24] Control flow-based opcode behavior analysis for Malware detection
    Ding, Yuxin
    Dai, Wei
    Yan, Shengli
    Zhang, Yumei
    COMPUTERS & SECURITY, 2014, 44 : 65 - 74
  • [25] Detection of Zero-day Malware Based on the Analysis of Opcode Sequences
    Zolotukhin, Mikhail
    Hamalainen, Timo
    2014 IEEE 11TH CONSUMER COMMUNICATIONS AND NETWORKING CONFERENCE (CCNC), 2014
  • [26] Deep learning based cross architecture internet of things malware detection and classification
    Chaganti, Rajasekhar
    Ravi, Vinayakumar
    Pham, Tuan D.
    COMPUTERS & SECURITY, 2022, 120
  • [27] Role-opcode vs. Opcode: the New method in Computer Malware Detection
    Ghezelbigloo, Zahra
    VafaeiJahan, Majid
    2014 INTERNATIONAL CONGRESS ON TECHNOLOGY, COMMUNICATION AND KNOWLEDGE (ICTCK), 2014
  • [28] Malware Detection using Opcode Trigram Sequence with SVM
    Elkhawas, Amr I.
    Abdelbaki, Nashwa
    2018 26TH INTERNATIONAL CONFERENCE ON SOFTWARE, TELECOMMUNICATIONS AND COMPUTER NETWORKS (SOFTCOM), 2018, : 252 - 257
  • [29] Malware Variants Detection Based on Opcode Image Recognition in Small Training Set
    Wang, Tingting
    Xu, Ning
    2017 2ND IEEE INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND BIG DATA ANALYSIS (ICCCBDA 2017), 2017, : 328 - 332
  • [30] Polymorphic Malware Detection
    Selamat, Nur Syuhada
    Ali, Fakariah Hani Mohd
    Abu Othman, Noor Ashitah
    2016 6TH INTERNATIONAL CONFERENCE ON IT CONVERGENCE AND SECURITY (ICITCS 2016), 2016, : 274 - 278