A Lightweight Moving Target Defense Framework for Multi-purpose Malware
Affecting IoT Devices
- URL: http://arxiv.org/abs/2210.07719v1
- Date: Fri, 14 Oct 2022 11:34:26 GMT
- Title: A Lightweight Moving Target Defense Framework for Multi-purpose Malware
Affecting IoT Devices
- Authors: Jan von der Assen, Alberto Huertas Celdrán, Pedro Miguel Sánchez
Sánchez, Jordan Cedeño, Gérôme Bovet, Gregorio Martínez Pérez,
Burkhard Stiller
- Abstract summary: This work proposes four moving target defense (MTD) mechanisms changing IoT devices' network, data, and runtime environment to mitigate multi-purpose malware.
It presents a lightweight and IoT-oriented MTD framework to decide what, when, and how the MTD mechanisms are deployed.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Malware affecting Internet of Things (IoT) devices is rapidly growing due to
the relevance of this paradigm in real-world scenarios. Specialized literature
has also detected a trend towards multi-purpose malware able to execute
different malicious actions such as remote control, data leakage, encryption,
or code hiding, among others. Protecting IoT devices against this kind of
malware is challenging due to their well-known vulnerabilities and limitations
in terms of CPU, memory, and storage. To improve it, the moving target defense
(MTD) paradigm was proposed a decade ago and has shown promising results, but
there is a lack of IoT MTD solutions dealing with multi-purpose malware. Thus,
this work proposes four MTD mechanisms changing IoT devices' network, data, and
runtime environment to mitigate multi-purpose malware. Furthermore, it presents
a lightweight and IoT-oriented MTD framework to decide what, when, and how the
MTD mechanisms are deployed. Finally, the efficiency and effectiveness of the
framework and MTD mechanisms are evaluated in a real-world scenario with one
IoT spectrum sensor affected by multi-purpose malware.
Related papers
- Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway [45.70482328441101]
This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic by analyzing network behavior at the edge.
We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic.
This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.
arXiv Detail & Related papers (2025-04-22T09:40:05Z)
- Extending Lifetime of Embedded Systems by WebAssembly-based Functional Extensions Including Drivers [46.538276603099916]
We present Wasm-IO, a framework designed to facilitate peripheral I/O operations within WebAssembly (Wasm) containers.
We detail synchronous I/O and methods for embedding platform-independent peripheral configurations within Wasm binaries.
arXiv Detail & Related papers (2025-03-10T17:22:00Z)
- MADEA: A Malware Detection Architecture for IoT blending Network Monitoring and Device Attestation [13.039357655135145]
MADEA is the first system that blends RA and TA to offer a comprehensive approach to malware detection for the IoT ecosystem.
It achieves a 100% true positive rate and 160x faster detection time.
Without MADEA, effective periodic RA can consume at least 14x the amount of energy that a device needs in one hour.
arXiv Detail & Related papers (2025-02-20T23:37:00Z)
- IoT-LM: Large Multisensory Language Models for the Internet of Things [70.74131118309967]
The IoT ecosystem provides a rich source of real-world modalities such as motion, thermal, geolocation, imaging, depth, sensors, and audio.
Machine learning presents a rich opportunity to automatically process IoT data at scale.
We introduce IoT-LM, an open-source large multisensory language model tailored for the IoT ecosystem.
arXiv Detail & Related papers (2024-07-13T08:20:37Z)
- Enhancing IoT Malware Detection through Adaptive Model Parallelism and Resource Optimization [0.6856683556201506]
This study introduces a novel approach to malware detection tailored for IoT devices.
Based on resource availability, ongoing workload, and communication costs, the malware detection task is dynamically allocated either on-device or offloaded to neighboring IoT nodes.
Experimental results demonstrate that this proposed technique achieves a significant speedup of 9.8 x compared to on-device inference.
arXiv Detail & Related papers (2024-04-12T20:51:25Z)
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS).
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
- Towards Robust Semantic Segmentation against Patch-based Attack via Attention Refinement [68.31147013783387]
We observe that the attention mechanism is vulnerable to patch-based adversarial attacks.
In this paper, we propose a Robust Attention Mechanism (RAM) to improve the robustness of the semantic segmentation model.
arXiv Detail & Related papers (2024-01-03T13:58:35Z)
- Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
- IoTScent: Enhancing Forensic Capabilities in Internet of Things Gateways [45.44831696628473]
This paper presents IoTScent, an open-source forensic tool that enables IoT gateways and Home Automation platforms to perform IoT traffic capture and analysis.
IoTScent is specifically designed to operate over IEEE 802.15.4-based traffic, which is the basis for many IoT-specific protocols such as Zigbee, 6LoWPAN and Thread.
This work provides a comprehensive description of the IoTScent tool, including a practical use case that demonstrates the use of the tool to perform device identification from Zigbee traffic.
arXiv Detail & Related papers (2023-10-05T09:10:05Z)
- SETTI: A Self-supervised Adversarial Malware Detection Architecture in an IoT Environment [20.586904296213007]
We propose an adversarial self-supervised architecture for detecting malware in Internet of Things networks, SETTI.
In the SETTI architecture, we design three self-supervised attack techniques, namely Self-MDS, GSelf-MDS and ASelf-MDS.
To validate the attack and defence algorithms, we conduct experiments on two recent IoT datasets: IoT23 and NBIoT.
arXiv Detail & Related papers (2022-04-16T10:10:59Z)
- Multi-modal Transformers Excel at Class-agnostic Object Detection [105.10403103027306]
We argue that existing methods lack a top-down supervision signal governed by human-understandable semantics.
We develop an efficient and flexible MViT architecture using multi-scale feature processing and deformable self-attention.
We show the significance of MViT proposals in a diverse range of applications.
arXiv Detail & Related papers (2021-11-22T18:59:29Z)
- Lightweight IoT Malware Detection Solution Using CNN Classification [2.288885651912488]
The security aspect of IoT devices is an infant field, which is why it is our focus in this paper.
We developed a system that can recognize malicious behavior of a specific IoT node on the network.
Through convolutional neural network and monitoring, we were able to provide malware detection for IoT using a central node that can be installed within the network.
arXiv Detail & Related papers (2020-10-13T10:56:33Z)
- Adversarial Machine Learning based Partial-model Attack in IoT [21.674533290169464]
We propose an adversarial machine learning based partial-model attack in the data fusion/aggregation process of IoT.
Our results show that the machine learning engine of IoT system is highly vulnerable to attacks even when the adversary manipulates a small portion of IoT devices.
arXiv Detail & Related papers (2020-06-25T03:04:26Z)