Malware Squid: A Novel IoT Malware Traffic Analysis Framework using
Convolutional Neural Network and Binary Visualisation
- URL: http://arxiv.org/abs/2109.03375v1
- Date: Wed, 8 Sep 2021 00:21:45 GMT
- Title: Malware Squid: A Novel IoT Malware Traffic Analysis Framework using
Convolutional Neural Network and Binary Visualisation
- Authors: Robert Shire, Stavros Shiaeles, Keltoum Bendiab, Bogdan Ghita,
Nicholas Kolokotronis
- Abstract summary: We introduce a novel IoT malware traffic analysis approach using a neural network and binary visualisation.
The prime motivation of the proposed approach is to detect and classify new malware (zero-day malware) faster.
- Score: 2.309914459672557
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Internet of Things devices have seen a rapid growth and popularity in recent
years with many more ordinary devices gaining network capability and becoming
part of the ever growing IoT network. With this exponential growth and the
limitation of resources, it is becoming increasingly hard to protect against
security threats such as malware due to its evolving faster than the defence
mechanisms can handle. Traditional security systems are not able to
detect unknown malware as they use signature-based methods. In this paper, we
aim to address this issue by introducing a novel IoT malware traffic analysis
approach using a neural network and binary visualisation. The prime motivation of
the proposed approach is to detect and classify new malware (zero-day
malware) faster. The experimental results show that our method can satisfy the accuracy
requirement of practical application.
Related papers
- Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications.
The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms.
This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
arXiv Detail & Related papers (2024-05-20T08:35:39Z)
- Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
- Malware Classification using Deep Neural Networks: Performance Evaluation and Applications in Edge Devices [0.0]
Multiple Deep Neural Networks (DNNs) can be designed to detect and classify malware binaries.
The feasibility of deploying these DNN models on edge devices to enable real-time classification, particularly in resource-constrained scenarios, proves to be integral to large IoT systems.
This study contributes to advancing malware detection techniques and emphasizes the significance of integrating cybersecurity measures for the early detection of malware.
arXiv Detail & Related papers (2023-08-21T16:34:46Z)
- A Survey on Cross-Architectural IoT Malware Threat Hunting [2.767968065747037]
Research works on hunting Windows PE-based malware are maturing, whereas the developments on Linux malware threat hunting are relatively scarce.
With the advent of the Internet of Things (IoT) era, smart devices that are getting integrated into human life have become a hacker's highway for their malicious activities.
This study aims at providing a comprehensive survey on the latest developments in cross-architectural IoT malware detection and classification approaches.
arXiv Detail & Related papers (2023-06-09T19:01:32Z)
- MalIoT: Scalable and Real-time Malware Traffic Detection for IoT Networks [6.426881566121233]
The system can handle the exponential growth of IoT devices thanks to the usage of distributed systems like Apache Kafka and Apache Spark.
These technologies work together to create a system that can give scalable performance and high accuracy.
arXiv Detail & Related papers (2023-04-02T20:47:08Z)
- A survey on hardware-based malware detection approaches [45.24207460381396]
Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess.
We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours.
The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
arXiv Detail & Related papers (2023-03-22T13:00:41Z)
- Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art [44.975088044180374]
This paper focuses on malware with the file format of portable executable (PE) in the family of Windows operating systems, namely Windows PE malware.
We first outline the general learning framework of Windows PE malware detection based on ML/DL.
We then highlight three unique challenges of performing adversarial attacks in the context of PE malware.
arXiv Detail & Related papers (2021-12-23T02:12:43Z)
- TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z)
- Binary Black-box Evasion Attacks Against Deep Learning-based Static Malware Detectors with Adversarial Byte-Level Language Model [11.701290164823142]
MalRNN is a novel approach to automatically generate evasive malware variants without restrictions.
MalRNN effectively evades three recent deep learning-based malware detectors and outperforms current benchmark methods.
arXiv Detail & Related papers (2020-12-14T22:54:53Z)
- IoT Malware Network Traffic Classification using Visual Representation and Deep Learning [1.7205106391379026]
We propose a novel IoT malware traffic analysis approach using deep learning and visual representation.
The detection of malicious network traffic in the proposed approach works at the package level, significantly reducing the time of detection.
The experimental results of Residual Neural Network (ResNet50) are very promising, providing a 94.50% accuracy rate for detection of malware traffic.
arXiv Detail & Related papers (2020-10-04T22:44:04Z)
- Noise-Response Analysis of Deep Neural Networks Quantifies Robustness and Fingerprints Structural Malware [48.7072217216104]
Deep neural networks (DNNs) have 'structural malware' (i.e., compromised weights and activation pathways).
It is generally difficult to detect backdoors, and existing detection methods are computationally expensive and require extensive resources (e.g., access to the training data).
Here, we propose a rapid feature-generation technique that quantifies the robustness of a DNN, 'fingerprints' its nonlinearity, and allows us to detect backdoors (if present).
Our empirical results demonstrate that we can accurately detect backdoors with high confidence orders-of-magnitude faster than existing approaches (seconds versus
arXiv Detail & Related papers (2020-07-31T23:52:58Z)
This list is automatically generated from the titles and abstracts of the papers in this site.