An opcode-based technique for polymorphic Internet of Things malware detection

Cited by: 57
Authors
Darabian, Hamid [1]
Dehghantanha, Ali [2]
Hashemi, Sattar [1]
Homayoun, Sajad [3]
Choo, Kim-Kwang Raymond [4]
Affiliations
[1] Shiraz Univ, Dept Comp Engn, Shiraz, Iran
[2] Univ Guelph, Sch Comp Sci, Guelph, ON, Canada
[3] Shiraz Univ Technol, Dept Comp Engn & Informat Technol, Shiraz, Iran
[4] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
Source
Keywords
IoT malware; IoT security; malware detection; polymorphic malware; CHALLENGES; FORENSICS; SECURITY;
DOI
10.1002/cpe.5173
Chinese Library Classification (CLC) number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
The increasing popularity of Internet of Things (IoT) devices makes them an attractive target for malware authors. In this paper, we use a sequential pattern mining technique to detect the most frequent opcode sequences of malicious IoT applications. Detected maximal frequent patterns (MFPs) of opcode sequences can be used to differentiate malicious from benign IoT applications. We then evaluate the suitability of MFPs as a classification feature for K nearest neighbors (KNN), support vector machines (SVM), multilayer perceptron (MLP), AdaBoost, decision tree, and random forest classifiers. Specifically, we achieve an accuracy rate of 99% in the detection of unseen IoT malware. We also demonstrate the utility of our approach in detecting polymorphed IoT malware samples.
Pages: 14
Related papers
50 in total
  • [31] A New Method for Malware Detection Using Opcode Visualization
    Manavi, Farnoush
    Hamzeh, Ali
    2017 19TH CSI INTERNATIONAL SYMPOSIUM ON ARTIFICIAL INTELLIGENCE AND SIGNAL PROCESSING (AISP), 2017, : 96 - 102
  • [32] Resilient and Deep Network for Internet of Things (IoT) Malware Detection
    Bakhshinejad, Nazanin
    Hamzeh, Ali
    STATISTICS AND DATA SCIENCE, RSSDS 2019, 2019, 1150 : 183 - 197
  • [33] An Opcode Sequences Analysis Method For Unknown Malware Detection
    Sun, Zhi
    Rao, Zhihong
    Chen, Jianfeng
    Xu, Rui
    He, Da
    Yang, Hui
    Liu, Jie
    2019 2ND INTERNATIONAL CONFERENCE ON GEOINFORMATICS AND DATA ANALYSIS (ICGDA 2019), 2019, : 15 - 19
  • [34] Opcode-Sequence-Based Semi-supervised Unknown Malware Detection
    Santos, Igor
    Sanz, Borja
    Laorden, Carlos
    Brezo, Felix
    Bringas, Pablo G.
    COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS, 2011, 6694 : 50 - 57
  • [35] Malware Detection Framework Based on Iterative Neighborhood Component Analysis for Internet of Medical Things
    Smmarwar, Santosh K.
    Gupta, Govind P.
    Kumar, Sanjay
    BIOMEDICAL ENGINEERING SCIENCE AND TECHNOLOGY, ICBEST 2023, 2024, 2003 : 98 - 106
  • [36] Embedding and Siamese deep neural network-based malware detection in Internet of Things
    Lakshmi, T. Sree
    Govindarajan, M.
    Srinivasulu, Asadi
    INTERNATIONAL JOURNAL OF PERVASIVE COMPUTING AND COMMUNICATIONS, 2022,
  • [37] IRMD: Malware variant Detection using opcode Image Recognition
    Zhang, Jixin
    Qin, Zheng
    Yin, Hui
    Ou, Lu
    Hu, Yupeng
    2016 IEEE 22ND INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED SYSTEMS (ICPADS), 2016, : 1175 - 1180
  • [38] Effectiveness of Opcode ngrams for Detection of Multi Family Android Malware
    Canfora, Gerardo
    De Lorenzo, Andrea
    Medvet, Eric
    Mercaldo, Francesco
    Visaggio, Corrado Aaron
    PROCEEDINGS 10TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY ARES 2015, 2015, : 333 - 340
  • [39] Opcode sequences as representation of executables for data-mining-based unknown malware detection
    Santos, Igor
    Brezo, Felix
    Ugarte-Pedrero, Xabier
    Bringas, Pablo G.
    INFORMATION SCIENCES, 2013, 231 : 64 - 82
  • [40] Malware detection in industrial internet of things based on hybrid image visualization and deep learning model
    Naeem, Hamad
    Ullah, Farhan
    Naeem, Muhammad Rashid
    Khalid, Shehzad
    Vasan, Danish
    Jabbar, Sohail
    Saeed, Saqib
    AD HOC NETWORKS, 2020, 105