Obfuscated memory malware detection in resource-constrained IoT devices for smart city applications

Detailed bibliography
Title: Obfuscated memory malware detection in resource-constrained IoT devices for smart city applications
Authors: Shafin, Sakib; Karmakar, Gour; Mareels, Iven
Publisher information: MDPI AG
Publication year: 2023
Collection: Federation University Australia: FedUni ResearchOnline
Subjects: Air pollution; Artificial neural networks; Carbon monoxide; Decision making; Deep learning; Devices; Embedded applications; Embedded systems; Energy consumption; Humans; Humidity; Internet of Things; lightweight IoT security; Machine Learning; Malware; Memory, Long-Term; multiclass memory malware detection; Neural networks, Computer; Outdoor air quality; Processing Speed; Sensors; Smart cities; Spyware; Technology application; 4008 Electrical engineering; 4009 Electronics, sensors and digital hardware; 4606 Distributed computing and systems software
Description: Obfuscated Memory Malware (OMM) presents significant threats to interconnected systems, including smart city applications, for its ability to evade detection through concealment tactics. Existing OMM detection methods primarily focus on binary detection. Their multiclass versions consider a few families only and, thereby, fail to detect much existing and emerging malware. Moreover, their large memory size makes them unsuitable to be executed in resource-constrained embedded/IoT devices. To address this problem, in this paper, we propose a multiclass but lightweight malware detection method capable of identifying recent malware and is suitable to execute in embedded devices. For this, the method considers a hybrid model by combining the feature-learning capabilities of convolutional neural networks with the temporal modeling advantage of bidirectional long short-term memory. The proposed architecture exhibits compact size and fast processing speed, making it suitable for deployment in IoT devices that constitute the major components of smart city systems. Extensive experiments with the recent CIC-Malmem-2022 OMM dataset demonstrate that our method outperforms other machine learning-based models proposed in the literature in both detecting OMM and identifying specific attack types. Our proposed method thus offers a robust yet compact model executable in IoT devices for defending against obfuscated malware.
Document type: article in journal/newspaper
Language: unknown
Relation: Sensors Vol. 23, no. 11 (2023), p. 5348; http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/194271; vital:18339; https://doi.org/10.3390/s23115348
DOI: 10.3390/s23115348
Availability: http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/194271
https://doi.org/10.3390/s23115348
Rights: All metadata describing materials held in, or linked to, the repository is freely available under a CC0 licence; https://creativecommons.org/licenses/by/4.0/; Copyright: © 2023 by the authors. Licensee MDPI, Basel, Switzerland.; Open Access
Accession number: edsbas.567C82DF
Database: BASE