Technique for IoT malware detection based on control flow graph analysis
The Internet of Things (IoT) refers to the millions of devices around the world that are connected to the Internet. Insecure IoT devices designed without proper security features are the targets of many Internet threats. The rapid integration of the Internet into the IoT infrastructure in various ar...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
National Aerospace University «Kharkiv Aviation Institute»
2022-02-01
|
Series: | Радіоелектронні і комп'ютерні системи |
Subjects: | |
Online Access: | http://nti.khai.edu/ojs/index.php/reks/article/view/1658 |
_version_ | 1797720003371335680 |
---|---|
author | Kira Bobrovnikova Sergii Lysenko Bohdan Savenko Piotr Gaj Oleg Savenko |
author_facet | Kira Bobrovnikova Sergii Lysenko Bohdan Savenko Piotr Gaj Oleg Savenko |
author_sort | Kira Bobrovnikova |
collection | DOAJ |
description | The Internet of Things (IoT) refers to the millions of devices around the world that are connected to the Internet. Insecure IoT devices designed without proper security features are the targets of many Internet threats. The rapid integration of the Internet into the IoT infrastructure in various areas of human activity, including vulnerable critical infrastructure, makes the detection of malware in the Internet of Things increasingly important. Annual reports from IoT infrastructure cybersecurity companies and antivirus software vendors show an increase in malware attacks targeting IoT infrastructure. This demonstrates the failure of modern methods for detecting malware on the Internet of things. This is why there is an urgent need for new approaches to IoT malware detection and to protect IoT devices from IoT malware attacks. The subject of the research is the malware detection process on the Internet of Things. This study aims to develop a technique for malware detection based on the control flow graph analysis. Results. This paper presents a new approach for IoT malware detection based on control flow graph analysis. Control flow graphs were built for suspicious IoT applications. The control flow graph is represented as a directed graph, which contains information about the components of the suspicious program and the transitions between them. Based on the control flow graph, metrics can be extracted that describe the structure of the program. Considering that IoT applications are small due to the simplicity and limitations of the IoT operating system environment, malware detection based on control flow graph analysis seems to be possible in the IoT environment. To analyze the behavior of the IoT application for each control flow graph, the action graph is to be built. It shows an abstract graph and a description of the program. Based on the action graph for each IoT application, a sequence is formed. This allows for defining the program’s behavior. Thus, with the aim of IoT malware detection, two malware detection models based on control flow graph metrics and the action sequences are used. Since the approach allows you to analyze both the overall structure and behavior of each application, it allows you to achieve high malware detection accuracy. The proposed approach allows the detection of unknown IoT malware, which are the modified versions of known IoT malware. As the mean of conclusion-making concerning the malware presence, the set of machine learning classifiers was employed. The experimental results demonstrated the high accuracy of IoT malware detection. Conclusions. A new technique for IoT malware detection based on control flow graph analysis has been developed. It can detect IoT malware with high efficiency. |
first_indexed | 2024-03-12T09:13:07Z |
format | Article |
id | doaj.art-a893df6beba146439d1ff36eb1087a0d |
institution | Directory Open Access Journal |
issn | 1814-4225 2663-2012 |
language | English |
last_indexed | 2024-03-12T09:13:07Z |
publishDate | 2022-02-01 |
publisher | National Aerospace University «Kharkiv Aviation Institute» |
record_format | Article |
series | Радіоелектронні і комп'ютерні системи |
spelling | doaj.art-a893df6beba146439d1ff36eb1087a0d2023-09-02T14:53:06ZengNational Aerospace University «Kharkiv Aviation Institute»Радіоелектронні і комп'ютерні системи1814-42252663-20122022-02-010114115310.32620/reks.2022.1.111634Technique for IoT malware detection based on control flow graph analysisKira Bobrovnikova0Sergii Lysenko1Bohdan Savenko2Piotr Gaj3Oleg Savenko4Khmelnytskyi National University, KhmelnytskyiKhmelnytskyi National University, KhmelnytskyiKhmelnytskyi National University, KhmelnytskyiInstitute of Computer Science, Silesian University of Technology, GliwiceKhmelnytskyi National University, KhmelnytskyiThe Internet of Things (IoT) refers to the millions of devices around the world that are connected to the Internet. Insecure IoT devices designed without proper security features are the targets of many Internet threats. The rapid integration of the Internet into the IoT infrastructure in various areas of human activity, including vulnerable critical infrastructure, makes the detection of malware in the Internet of Things increasingly important. Annual reports from IoT infrastructure cybersecurity companies and antivirus software vendors show an increase in malware attacks targeting IoT infrastructure. This demonstrates the failure of modern methods for detecting malware on the Internet of things. This is why there is an urgent need for new approaches to IoT malware detection and to protect IoT devices from IoT malware attacks. The subject of the research is the malware detection process on the Internet of Things. This study aims to develop a technique for malware detection based on the control flow graph analysis. Results. This paper presents a new approach for IoT malware detection based on control flow graph analysis. Control flow graphs were built for suspicious IoT applications. The control flow graph is represented as a directed graph, which contains information about the components of the suspicious program and the transitions between them. Based on the control flow graph, metrics can be extracted that describe the structure of the program. Considering that IoT applications are small due to the simplicity and limitations of the IoT operating system environment, malware detection based on control flow graph analysis seems to be possible in the IoT environment. To analyze the behavior of the IoT application for each control flow graph, the action graph is to be built. It shows an abstract graph and a description of the program. Based on the action graph for each IoT application, a sequence is formed. This allows for defining the program’s behavior. Thus, with the aim of IoT malware detection, two malware detection models based on control flow graph metrics and the action sequences are used. Since the approach allows you to analyze both the overall structure and behavior of each application, it allows you to achieve high malware detection accuracy. The proposed approach allows the detection of unknown IoT malware, which are the modified versions of known IoT malware. As the mean of conclusion-making concerning the malware presence, the set of machine learning classifiers was employed. The experimental results demonstrated the high accuracy of IoT malware detection. Conclusions. A new technique for IoT malware detection based on control flow graph analysis has been developed. It can detect IoT malware with high efficiency.http://nti.khai.edu/ojs/index.php/reks/article/view/1658malwareiotiot devicesiot applicationcybersecuritycyberattackcontrol flow graphdetection of cyber threats |
spellingShingle | Kira Bobrovnikova Sergii Lysenko Bohdan Savenko Piotr Gaj Oleg Savenko Technique for IoT malware detection based on control flow graph analysis Радіоелектронні і комп'ютерні системи malware iot iot devices iot application cybersecurity cyberattack control flow graph detection of cyber threats |
title | Technique for IoT malware detection based on control flow graph analysis |
title_full | Technique for IoT malware detection based on control flow graph analysis |
title_fullStr | Technique for IoT malware detection based on control flow graph analysis |
title_full_unstemmed | Technique for IoT malware detection based on control flow graph analysis |
title_short | Technique for IoT malware detection based on control flow graph analysis |
title_sort | technique for iot malware detection based on control flow graph analysis |
topic | malware iot iot devices iot application cybersecurity cyberattack control flow graph detection of cyber threats |
url | http://nti.khai.edu/ojs/index.php/reks/article/view/1658 |
work_keys_str_mv | AT kirabobrovnikova techniqueforiotmalwaredetectionbasedoncontrolflowgraphanalysis AT sergiilysenko techniqueforiotmalwaredetectionbasedoncontrolflowgraphanalysis AT bohdansavenko techniqueforiotmalwaredetectionbasedoncontrolflowgraphanalysis AT piotrgaj techniqueforiotmalwaredetectionbasedoncontrolflowgraphanalysis AT olegsavenko techniqueforiotmalwaredetectionbasedoncontrolflowgraphanalysis |