Machine Learning Framework to Analyze IoT Malware Using ELF and Opcode Features

Cited by: 25
Authors
Tien, Chin-Wei [1]
Chen, Shang-Wen [1]
Ban, Tao [2]
Kuo, Sy-Yen [3]
Affiliations
[1] Inst Informat Ind, Taipei, Taiwan
[2] Natl Inst Informat & Commun Technol, Tokyo, Japan
[3] Natl Taiwan Univ, Taipei, Taiwan
Source
DIGITAL THREATS: RESEARCH AND PRACTICE | 2020 / Vol. 1 / Issue 01
Keywords
ELF analysis; IoT security; malware detection; malware classification; machine learning; opcode analysis; CLASSIFICATION;
DOI
10.1145/3378448
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Threats to devices that are part of the Internet of Things (IoT) are on the rise. Owing to the overwhelming diversity of IoT hardware and software, as well as its variants, conventional anti-virus techniques based on the Windows paradigm cannot be applied directly to counter threats to the IoT devices. In this article, we propose a framework that can efficiently analyze IoT malware in a wide range of environments. It consists of a universal feature representation obtained by static analysis of the malware and a machine learning scheme that first detects the malware and then classifies it into a known category. The framework was evaluated by applying it to a recently developed dataset consisting of more than 6,000 IoT malware samples collected from the HoneyPot project. The results show that the proposed method can obtain near-optimal accuracy in terms of the detection and classification of malware targeting IoT devices.
Pages: 19