Low-Complexity Signature-Based Malware Detection for IoT Devices

  • Conference paper
Applications and Techniques in Information Security (ATIS 2017)

Abstract

The ominous threat from malware in critical systems has forced system designers to include detection techniques in their systems to ensure a timely response. However, the widely used signature-based techniques implemented to detect the multitude of potential malware in these systems also lead to a large non-functional overhead. Such methods do not lend themselves well to extremely resource-constrained IoT devices. Hence, in this paper, we propose a low-complexity signature-based method for IoT devices that identifies and stores only a subset of signatures to detect a group of malware, instead of storing a separate signature for every potential malware as done in existing work. Experimental results show that the proposed approach can still achieve a 100% detection rate while relying on a very low number of signatures for detection.

Corresponding author

Correspondence to Muhamed Fauzi Bin Abbas.

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Abbas, M.F.B., Srikanthan, T. (2017). Low-Complexity Signature-Based Malware Detection for IoT Devices. In: Batten, L., Kim, D., Zhang, X., Li, G. (eds) Applications and Techniques in Information Security. ATIS 2017. Communications in Computer and Information Science, vol 719. Springer, Singapore. https://doi.org/10.1007/978-981-10-5421-1_15

  • DOI: https://doi.org/10.1007/978-981-10-5421-1_15

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-5420-4

  • Online ISBN: 978-981-10-5421-1

  • eBook Packages: Computer Science, Computer Science (R0)
