FIViz: Forensics Investigation through Visualization for Malware in Internet of Things

Adoption of the Internet of Things for the realization of smart cities in various domains has been pushed by the advancements in Information Communication and Technology. Transportation, power delivery, environmental monitoring, and medical applications are among the front runners when it comes to leveraging the benefits of IoT for improving services through modern decision support systems. Though with the enormous usage of the Internet of Medical Things, security and privacy become intrinsic issues, thus adversaries can exploit these devices or information on these devices for malicious intents. These devices generate and log large and complex raw data which are used by decision support systems to provide better care to patients. Investigation of these enormous and complicated data from a victim's device is a daunting and time-consuming task for an investigator. Different feature-based frameworks have been proposed to resolve this problem to detect early and effectively the access logs to better assess the event. But the problem with the existing approaches is that it forces the investigator to manually comb through collected data which can contain a huge amount of irrelevant data. These data are provided normally in textual form to the investigators which are too time-consuming for the investigations even if they can utilize machine learning or natural language processing techniques. In this paper, we proposed a visualization-based approach to tackle the problem of investigating large and complex raw data sets from the Internet of Medical Things. Our contribution in this work is twofold. Firstly, we create a data set through a dynamic behavioral analysis of 400 malware samples. Secondly, the resultant and reduced data set were then visualized most feasibly. This is to investigate an incident easily. The experimental results show that an investigator can investigate large amounts of data in an easy and time-efficient manner through the effective use of visualization techniques.