Tools and Techniques for Collection and Analysis of Internet-of-Things malware: A systematic state-of-art review

Cited by: 13
Authors
Madan, Sanjay [1,2]
Sofat, Sanjeev [1]
Bansal, Divya [1]
Institutions
[1] Punjab Engn Coll, CSE Dept, Chandigarh, India
[2] Ctr Dev Adv Comp C DAC, Mohali, India
Keywords
Linux Malware; IoT malware; IoT Honeypot; Linux Sandbox; Malware Analysis; Information Security; IOT MALWARE; CLASSIFICATION
DOI
10.1016/j.jksuci.2021.12.016
Chinese Library Classification (CLC)
TP [Automation technology; computer technology]
Subject classification code
0812
Abstract
IoT devices, which include wireless sensors, software, actuators, and computer devices operated through the Internet, enable the transfer of data among objects or people automatically without human intervention. Since these devices are resource-constrained embedded devices, security policies are not implemented adequately on them. Connectivity with the Internet, diversity of hardware, varied operating platforms, and a surge in attack surface increase the target space for malicious cyber actors. The threat probability increases substantially because attackers take advantage of less secure, vulnerable devices to perform massive-scale attacks on critical infrastructure. It has been observed that the majority of embedded IoT devices operate on Linux-flavoured operating environments. This paper reviews the Linux-based IoT malware analysis techniques and tools employed for malware detection, analysis, and classification. Various threat data collection methods are discussed at length, and a thorough study of the tools and techniques used in static and dynamic analysis of Linux malware is provided. A review of the machine learning methods developed using discrete features to classify malicious programs is one of the essential components of this paper. The paper concludes with a discussion of various open issues and challenges that need to be addressed by the research community at large. (c) 2021 The Authors. Published by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Pages: 9867 / 9888
Page count: 22