A novel approach to detect IoT malware by system calls using Deep learning techniques

Recently, IoT devices or smart objects widely utilized in all kinds of fields such as medical, defense, automobile industry etc. Due to its intelligence and popularity, attacker seeks its help to launch malicious attack in high speed at low cost. In this regard, Researchers have turned their interest towards improving the security for the Internet of things devices. In this model, the malware were detected based on their behavior in terms of system calls sequence arise during its execution. The system calls of IoT malware are gathered using Strace tool in Ubuntu. The generated malicious system calls are preprocessed by n-gram techniques to retrieve required features. The extracted system calls were classified into two class i.e normal and malicious sequence using Recurrent neural network(RNN). The efficiency of this deep learning is tested using various performance metrics. The real time IoT malware samples were collected from IOTPOT honeypot which emulates different CPU architecture of IoT devices.

[1]  Quoc-Dung Ngo,et al.  IoT Botnet Detection Approach Based on PSI graph and DGCNN classifier , 2018, 2018 IEEE International Conference on Information Communication and Signal Processing (ICICSP).

[2]  Ying Zhang,et al.  Intrusion Detection for IoT Based on Improved Genetic Algorithm and Deep Belief Network , 2019, IEEE Access.

[3]  Robert C. Atkinson,et al.  Threat analysis of IoT networks using artificial neural network intrusion detection system , 2016, 2016 International Symposium on Networks, Computers and Communications (ISNCC).

[4]  P. Vinod,et al.  Linux Malware Detection Using eXtended-Symmetric Uncertainty , 2014, SPACE.

[5]  Tie Luo,et al.  Distributed Anomaly Detection Using Autoencoder Neural Networks in WSN for IoT , 2018, 2018 IEEE International Conference on Communications (ICC).

[6]  P. Vinod,et al.  A machine learning approach for linux malware detection , 2014, 2014 International Conference on Issues and Challenges in Intelligent Computing Techniques (ICICT).

[7]  Yuval Elovici,et al.  HADES-IoT: A Practical Host-Based Anomaly Detection System for IoT Devices , 2019, AsiaCCS.

[8]  Ali Dehghantanha,et al.  Robust Malware Detection for Internet of (Battlefield) Things Devices Using Deep Eigenspace Learning , 2019, IEEE Transactions on Sustainable Computing.

[9]  Michalis Faloutsos,et al.  Behavioral anomaly detection of malware on home routers , 2017, 2017 12th International Conference on Malicious and Unwanted Software (MALWARE).

[10]  Ali Dehghantanha,et al.  A deep Recurrent Neural Network based approach for Internet of Things malware threat hunting , 2018, Future Gener. Comput. Syst..

[11]  Jemal H. Abawajy,et al.  Malware Threats and Detection for Industrial Mobile-IoT Networks , 2018, IEEE Access.

[12]  Jaime Lloret,et al.  Network Traffic Classifier With Convolutional and Recurrent Neural Networks for Internet of Things , 2017, IEEE Access.

[13]  K. P. Soman,et al.  Deep Learning Approach for Intelligent Intrusion Detection System , 2019, IEEE Access.

[14]  Kouichi Sakurai,et al.  Lightweight Classification of IoT Malware Based on Image Recognition , 2018, 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC).

[15]  M. Omair Shafiq,et al.  Analyzing Adversarial Attacks against Deep Learning for Intrusion Detection in IoT Networks , 2019, 2019 IEEE Global Communications Conference (GLOBECOM).

[16]  Ali Dehghantanha,et al.  An opcode‐based technique for polymorphic Internet of Things malware detection , 2020, Concurr. Comput. Pract. Exp..

[17]  Thambipillai Srikanthan,et al.  Low-Complexity Signature-Based Malware Detection for IoT Devices , 2017, ATIS.

[18]  Naveen K. Chilamkurti,et al.  Distributed attack detection scheme using deep learning approach for Internet of Things , 2017, Future Gener. Comput. Syst..

[19]  Steven P. Weber,et al.  Malware Anomaly Detection on Virtual Assistants , 2018, 2018 13th International Conference on Malicious and Unwanted Software (MALWARE).

[20]  Tsutomu Matsumoto,et al.  IoTPOT: A Novel Honeypot for Revealing Current IoT Threats , 2016, J. Inf. Process..