A Survey of Machine Learning Algorithms for Detecting Malware in IoT Firmware

• URL: http://arxiv.org/abs/2111.02388v1
• Date: Wed, 3 Nov 2021 17:55:51 GMT
• Title: A Survey of Machine Learning Algorithms for Detecting Malware in IoT Firmware
• Authors: Erik Larsen, Korey MacVittie, John Lilly
• Abstract summary: This paper employs a number of machine learning algorithms to classify IoT firmware and the best performing models are reported. Deep learning approaches including Convolutional and Fully Connected Neural Networks are also explored.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: This work explores the use of machine learning techniques on an Internet-of-Things firmware dataset to detect malicious attempts to infect edge devices or subsequently corrupt an entire network. Firmware updates are uncommon in IoT devices; hence, they abound with vulnerabilities. Attacks against such devices can go unnoticed, and users can become a weak point in security. Malware can cause DDoS attacks and even spy on sensitive areas like peoples' homes. To help mitigate this threat, this paper employs a number of machine learning algorithms to classify IoT firmware and the best performing models are reported. In a general comparison, the top three algorithms are Gradient Boosting, Logistic Regression, and Random Forest classifiers. Deep learning approaches including Convolutional and Fully Connected Neural Networks with both experimental and proven successful architectures are also explored.

Related papers

• Towards Novel Malicious Packet Recognition: A Few-Shot Learning Approach [0.0]
  Deep Packet Inspection (DPI) has emerged as a key technology in strengthening network security. This study proposes a novel approach that leverages a large language model (LLM) and few-shot learning. Our approach shows promising results with an average accuracy of 86.35% and F1-Score of 86.40% on different malware types.
  arXiv  Detail & Related papers  (2024-09-17T15:02:32Z)
• Do You Trust Your Model? Emerging Malware Threats in the Deep Learning Ecosystem [37.650342256199096]
  We introduce MaleficNet 2.0, a technique to embed self-extracting, self-executing malware in neural networks. MaleficNet 2.0 injection technique is stealthy, does not degrade the performance of the model, and is robust against removal techniques. We implement a proof-of-concept self-extracting neural network malware using MaleficNet 2.0, demonstrating the practicality of the attack against a widely adopted machine learning framework.
  arXiv  Detail & Related papers  (2024-03-06T10:27:08Z)
• Ransomware threat mitigation through network traffic analysis and machine learning techniques [0.0]
  This paper focuses on a method for recognizing and identifying ransomware in computer networks. The approach relies on using machine learning algorithms and analyzing the patterns of network traffic. The results of implementing this method show that machine learning algorithms can effectively pinpoint ransomware based on network traffic.
  arXiv  Detail & Related papers  (2024-01-27T03:55:28Z)
• Machine learning-based malware detection for IoT devices using control-flow data [0.0]
  I study the applicability of control-flow related data of executables for malware detection. I present a malware detection method with two phases. The first phase extracts control-flow related data using static binary analysis. The second phase classifies binary executables as either malicious or benign using a neural network model.
  arXiv  Detail & Related papers  (2023-11-20T08:43:09Z)
• A survey on hardware-based malware detection approaches [45.24207460381396]
  Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess. We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
  arXiv  Detail & Related papers  (2023-03-22T13:00:41Z)
• Sequential Embedding-based Attentive (SEA) classifier for malware classification [1.290382979353427]
  We come up with a solution for malware detection using state-of-the-art natural language processing (NLP) techniques. Our proposed model is tested on the benchmark data set with an accuracy and log loss score of 99.13 percent and 0.04 respectively.
  arXiv  Detail & Related papers  (2023-02-11T15:48:16Z)
• GANG-MAM: GAN based enGine for Modifying Android Malware [1.6799377888527687]
  Malware detectors based on machine learning are vulnerable to adversarial attacks. We propose a system that produces a feature vector for making an Android malware strongly evasive and then modify the malicious program accordingly.
  arXiv  Detail & Related papers  (2021-09-27T18:36:20Z)
• Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers [47.828297621738265]
  We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier. As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger. We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
  arXiv  Detail & Related papers  (2020-10-30T15:27:44Z)
• Data Poisoning Attacks on Federated Machine Learning [34.48190607495785]
  Federated machine learning enables resource constrained node devices to learn a shared model while keeping the training data local. The communication protocol amongst different nodes could be exploited by attackers to launch data poisoning attacks. We propose a novel systems-aware optimization method, ATTack on Federated Learning (AT2FL)
  arXiv  Detail & Related papers  (2020-04-19T03:45:05Z)
• Security of Distributed Machine Learning: A Game-Theoretic Approach to Design Secure DSVM [31.480769801354413]
  This work aims to develop secure distributed algorithms to protect the learning from data poisoning and network attacks. We establish a game-theoretic framework to capture the conflicting goals of a learner who uses distributed support vector machines (SVMs) and an attacker who is capable of modifying training data and labels. The numerical results show that distributed SVM is prone to fail in different types of attacks, and their impact has a strong dependence on the network structure and attack capabilities.
  arXiv  Detail & Related papers  (2020-03-08T18:54:17Z)
• IoT Device Identification Using Deep Learning [43.0717346071013]
  The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
  arXiv  Detail & Related papers  (2020-02-25T12:24:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.