Obfuscated memory malware detection in resource-constrained iot devices for smart city applications
| Title: | Obfuscated memory malware detection in resource-constrained iot devices for smart city applications |
|---|---|
| Authors: | Shafin, Sakib, Karmakar, Gour, Mareels, Iven |
| Publisher Information: | MDPI AG |
| Publication Year: | 2023 |
| Collection: | Federation University Australia: FedUni ResearchOnline |
| Subject Terms: | Air pollution, Artificial neural networks, Carbon monoxide, Decision making, Deep learning, Devices, Embedded applications, Embedded systems, Energy consumption, Humans, Humidity, Internet of Things, lightweight IoT security, Machine Learning, Malware, Memory, Long-Term, multiclass memory malware detection, Neural networks, Computer, Outdoor air quality, Processing Speed, Sensors, Smart cities, Spyware, Technology application, 4008 Electrical engineering, 4009 Electronics, sensors and digital hardware, 4606 Distribute computing and systems software |
| Description: | Obfuscated Memory Malware (OMM) presents significant threats to interconnected systems, including smart city applications, for its ability to evade detection through concealment tactics. Existing OMM detection methods primarily focus on binary detection. Their multiclass versions consider a few families only and, thereby, fail to detect much existing and emerging malware. Moreover, their large memory size makes them unsuitable to be executed in resource-constrained embedded/IoT devices. To address this problem, in this paper, we propose a multiclass but lightweight malware detection method capable of identifying recent malware and is suitable to execute in embedded devices. For this, the method considers a hybrid model by combining the feature-learning capabilities of convolutional neural networks with the temporal modeling advantage of bidirectional long short-term memory. The proposed architecture exhibits compact size and fast processing speed, making it suitable for deployment in IoT devices that constitute the major components of smart city systems. Extensive experiments with the recent CIC-Malmem-2022 OMM dataset demonstrate that our method outperforms other machine learning-based models proposed in the literature in both detecting OMM and identifying specific attack types. Our proposed method thus offers a robust yet compact model executable in IoT devices for defending against obfuscated malware. |
| Document Type: | article in journal/newspaper |
| Language: | unknown |
| Relation: | Sensors Vol. 23, no. 11 (2023), p. 5348; http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/194271; vital:18339; https://doi.org/10.3390/s23115348 |
| DOI: | 10.3390/s23115348 |
| Availability: | http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/194271 https://doi.org/10.3390/s23115348 |
| Rights: | All metadata describing materials held in, or linked to, the repository is freely available under a CC0 licence ; https://creativecommons.org/licenses/by/4.0/ ; Copyright: © 2023 by the authors. Licensee MDPI, Basel, Switzerland. ; Open Access |
| Accession Number: | edsbas.567C82DF |
| Database: | BASE |