Sharjeel Riaz,Shahzad Latif,Syed Muhammad Usman,Syed Sajid Ullah,Abeer D Algarni,Amanullah Yasin,Aamir Anwar,Hela Elmannai,Saddam Hussain

DOI: https://doi.org/10.3390/s22239305

2022-11-29

Abstract:Internet of Things (IoT) devices usage is increasing exponentially with the spread of the internet. With the increasing capacity of data on IoT devices, these devices are becoming venerable to malware attacks; therefore, malware detection becomes an important issue in IoT devices. An effective, reliable, and time-efficient mechanism is required for the identification of sophisticated malware. Researchers have proposed multiple methods for malware detection in recent years, however, accurate detection remains a challenge. We propose a deep learning-based ensemble classification method for the detection of malware in IoT devices. It uses a three steps approach; in the first step, data is preprocessed using scaling, normalization, and de-noising, whereas in the second step, features are selected and one hot encoding is applied followed by the ensemble classifier based on CNN and LSTM outputs for detection of malware. We have compared results with the state-of-the-art methods and our proposed method outperforms the existing methods on standard datasets with an average accuracy of 99.5%.

Ayat T. Salim,Ban Mohammed Khammas

DOI: https://doi.org/10.31987/ijict.6.3.233

2023-12-31

Abstract:Internet of Things (IoT) equipment is rapidly being used in a variety of businesses and for a variety of reasons (for example, sensing and collecting data from the environment in both public and military settings). Because of their expanding involvement in a wide range of applications and their rising computational and processing capabilities, they are a viable attack target for malware tailored to infect specific IoT devices. This study investigates the potential of detecting IoT malware using different deep learning techniques: the classic feedforward neural network (FNN), convolutional neural networks (CNN), long short-term memory (LSTM), and recurrent neural networks (RNN). The proposed method analyses the execution operation codes of IOT app sequences using modern NLP (natural language processing) methods. The current work utilized an IoT application dataset with 500 malware (collected from the IOTPOT dataset) and 500 goodware samples to train the proposed algorithms. The trained model is tested against 2971 fresh IoT malware and goodware samples. The samples were input into deep learning models, and performance metrics were obtained. The results demonstrate that the RNN model had the best accuracy (99.19%) in detecting fresh malware samples. On the other hand, the results were compared by the time required for training; the CNN model shows that it could achieve high accuracy (98.05%) with less training time. A comparison with various deep learning classifiers demonstrates that the RNN and CNN techniques produce the best results.

Faiza Habib,Syed Hamad Shirazi,Khursheed Aurangzeb,Asfandyar Khan,Bharat Bhushan,Musaed Alhussein

DOI: https://doi.org/10.1109/access.2024.3383831

IF: 3.9

2024-04-09

IEEE Access

Abstract:Today Internet of Things (IoT) has become a key part of the modern world as it enables web-based IoT devices to collect, transfer, and analyze the data of individuals, companies, and industries. IoT provides numerous services and applications via a massive number of interconnected devices and has become an innovative attack vector for cyber-attacks and threats such as malware attacks that are currently regarded as serious dangers to the security of IoT devices and systems. Such threats are sufficient to infiltrate individual private information that inflicts harm to both the financial standing and reputation in an organization. In literature, researchers have used multiple machine learning and deep learning models to tackle this security threat, however, still accurate classification and detection of metamorphic malware in IoT devices remains a challenge. In this article, we used a deep learning model to accurately detect metamorphic malware in IoT devices. We have employed six models including (VGG16, InceptionV3, CNN, ResNet50, MobileNet, and Efficient NetB0 on Malimg publicly available malware image dataset. The Internet of Things (IoT) would benefit from having a method that could identify metamorphic malware. It isn't possible to rely on detection techniques that are fixed or signature-based. Throughout this research, a straightforward technique for carrying out dynamic analysis to comprehend the behavior of code is suggested. To determine if executable are malicious, it is necessary to first measure the behavior of executable and then utilize this information to make that determination. Additionally, the purpose of this study is to create a classifier that makes utilization of deep learning techniques to analyze complicated behavior reports. The obtained results depict that the proposed model achieves a promising accuracy of 99% and F1-score of 97% employed on the standard Malimg dataset as compared to other existing machine and deep learning models.

computer science, information systems,telecommunications,engineering, electrical & electronic

Shtwai Alsubai,Ashit Kumar Dutta,Abdullah M Alnajim,Abdul Rahaman Wahab Sait,Rashid Ayub,Afnan Mushabbab AlShehri,Naved Ahmad

DOI: https://doi.org/10.7717/peerj-cs.1366

2023-05-29

Abstract:The Internet of Things (IoT) environment demands a malware detection (MD) framework for protecting sensitive data from unauthorized access. The study intends to develop an image-based MD framework. The authors apply image conversion and enhancement techniques to convert malware binaries into RGB images. You only look once (Yolo V7) is employed for extracting the key features from the malware images. Harris Hawks optimization is used to optimize the DenseNet161 model to classify images into malware and benign. IoT malware and Virusshare datasets are utilized to evaluate the proposed framework's performance. The outcome reveals that the proposed framework outperforms the current MD framework. The framework generates the outcome at an accuracy and F1-score of 98.65 and 98.5 and 97.3 and 96.63 for IoT malware and Virusshare datasets, respectively. In addition, it achieves an area under the receiver operating characteristics and the precision-recall curve of 0.98 and 0.85 and 0.97 and 0.84 for IoT malware and Virusshare datasets, accordingly. The study's outcome reveals that the proposed framework can be deployed in the IoT environment to protect the resources.

Siraj Uddin Qureshi,Jingsha He,Saima Tunio,Nafei Zhu,Ahsan Nazir,Ahsan Wajahat,Faheem Ullah,Abdul Wadud

DOI: https://doi.org/10.1016/j.jksuci.2024.102164

IF: 9.006

2024-08-29

Journal of King Saud University - Computer and Information Sciences

Abstract:The swift proliferation of Internet of Things (IoT) devices has presented considerable challenges in maintaining cybersecurity. As IoT ecosystems expand, they increasingly attract malware attacks, necessitating advanced detection and forensic analysis methods. This systematic review explores the application of deep learning techniques for malware detection and forensic analysis within IoT environments. The literature is organized into four distinct categories: IoT Security, Malware Forensics, Deep Learning, and Anti-Forensics. Each group was analyzed individually to identify common methodologies, techniques, and outcomes. Conducted a combined analysis to synthesize the findings across these categories, highlighting overarching trends and insights.This systematic review identifies several research gaps, including the need for comprehensive IoT-specific datasets, the integration of interdisciplinary methods, scalable real-time detection solutions, and advanced countermeasures against anti-forensic techniques. The primary issue addressed is the complexity of IoT malware and the limitations of current forensic methodologies. Through a robust methodological framework, this review synthesizes findings across these categories, highlighting common methodologies and outcomes. Identifying critical areas for future investigation, this review contributes to the advancement of cybersecurity in IoT environments, offering a comprehensive framework to guide future research and practice in developing more robust and effective security solutions.

computer science, information systems

Abdulwahab Ali Almazroi,Nasir Ayub

DOI: https://doi.org/10.1038/s41598-024-57864-8

IF: 4.6

2024-04-04

Scientific Reports

Abstract:The rapid expansion of AI-enabled Internet of Things (IoT) devices presents significant security challenges, impacting both privacy and organizational resources. The dynamic increase in big data generated by IoT devices poses a persistent problem, particularly in making decisions based on the continuously growing data. To address this challenge in a dynamic environment, this study introduces a specialized BERT-based Feed Forward Neural Network Framework (BEFNet) designed for IoT scenarios. In this evaluation, a novel framework with distinct modules is employed for a thorough analysis of 8 datasets, each representing a different type of malware. BEFSONet is optimized using the Spotted Hyena Optimizer (SO), highlighting its adaptability to diverse shapes of malware data. Thorough exploratory analyses and comparative evaluations underscore BEFSONet's exceptional performance metrics, achieving 97.99% accuracy, 97.96 Matthews Correlation Coefficient, 97% F1-Score, 98.37% Area under the ROC Curve(AUC-ROC), and 95.89 Cohen's Kappa. This research positions BEFSONet as a robust defense mechanism in the era of IoT security, offering an effective solution to evolving challenges in dynamic decision-making environments.

multidisciplinary sciences

Farhan Ullah,Hamad Naeem,Sohail Jabbar,Shehzad Khalid,Muhammad Ahsan Latif,Fadi Al-turjman,Leonardo Mostarda

DOI: https://doi.org/10.1109/access.2019.2937347

IF: 3.9

2019-01-01

IEEE Access

Abstract:The IoT (Internet of Things) connect systems, applications, data storage, and services that may be a new gateway for cyber-attacks as they continuously offer services in the organization. Currently, software piracy and malware attacks are high risks to compromise the security of IoT. These threats may steal important information that causes economic and reputational damages. In this paper, we have proposed a combined deep learning approach to detect the pirated software and malware-infected files across the IoT network. The TensorFlow deep neural network is proposed to identify pirated software using source code plagiarism. The tokenization and weighting feature methods are used to filter the noisy data and further, to zoom the importance of each token in terms of source code plagiarism. Then, the deep learning approach is used to detect source code plagiarism. The dataset is collected from Google Code Jam (GCJ) to investigate software piracy. Apart from this, the deep convolutional neural network is used to detect malicious infections in IoT network through color image visualization. The malware samples are obtained from Maling dataset for experimentation. The experimental results indicate that the classification performance of the proposed solution to measure the cybersecurity threats in IoT are better than the state of the art methods.

Ali Mehrban,Pegah Ahadian

DOI: https://doi.org/10.48550/arXiv.2312.17683

2024-02-04

Abstract:Malware detection in IoT environments necessitates robust methodologies. This study introduces a CNN-LSTM hybrid model for IoT malware identification and evaluates its performance against established methods. Leveraging K-fold cross-validation, the proposed approach achieved 95.5% accuracy, surpassing existing methods. The CNN algorithm enabled superior learning model construction, and the LSTM classifier exhibited heightened accuracy in classification. Comparative analysis against prevalent techniques demonstrated the efficacy of the proposed model, highlighting its potential for enhancing IoT security. The study advocates for future exploration of SVMs as alternatives, emphasizes the need for distributed detection strategies, and underscores the importance of predictive analyses for a more powerful IOT security. This research serves as a platform for developing more resilient security measures in IoT ecosystems.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

Gueltoum Bendiab,Stavros Shiaeles,Abdulrahman Alruban,Nicholas Kolokotronis

DOI: https://doi.org/10.1109/NetSoft48620.2020.9165381

2020-10-05

Abstract:With the increase of IoT devices and technologies coming into service, Malware has risen as a challenging threat with increased infection rates and levels of sophistication. Without strong security mechanisms, a huge amount of sensitive data is exposed to vulnerabilities, and therefore, easily abused by cybercriminals to perform several illegal activities. Thus, advanced network security mechanisms that are able of performing a real-time traffic analysis and mitigation of malicious traffic are required. To address this challenge, we are proposing a novel IoT malware traffic analysis approach using deep learning and visual representation for faster detection and classification of new malware (zero-day malware). The detection of malicious network traffic in the proposed approach works at the package level, significantly reducing the time of detection with promising results due to the deep learning technologies used. To evaluate our proposed method performance, a dataset is constructed which consists of 1000 pcap files of normal and malware traffic that are collected from different network traffic sources. The experimental results of Residual Neural Network (ResNet50) are very promising, providing a 94.50% accuracy rate for detection of malware traffic.

Cryptography and Security,Machine Learning

Amruta V. Pandit,Dipannita Mondal

DOI: https://doi.org/10.52710/rjcse.82

2023-12-31

Abstract:IoT devices' constrained processing capabilities and malware's changing nature make traditional signature-based methods for malware detection ineffective. The focus of our suggested approach, in contrast, is on real-time analysis of IoT device behaviour patterns to find anomalies that might be signs of malicious activity. We can spot differences from typical behaviour on devices by continuously observing how they behave. These differences could indicate the existence of malware. We use deep neural networks to handle and analyse the enormous quantity of data produced by IoT devices in order to do this. Specifically, we use recurrent neural networks (RNNs) and convolutional neural networks (CNNs). These neural networks learn the anticipated behaviours of various IoT devices and their applications through training on historical data. They quickly detect unexpected behaviours that can be a sign of malware infestations or other harmful actions by comparing incoming data streams to these learned patterns in real-time. By reaching high detection rates while preserving low false-positive rates, our experimental results show the efficiency of the suggested approach. We can greatly improve the security posture of IoT devices or gateways by integrating this real-time malware detection technology into them, defending against new attacks in the ever-changing IoT landscape. By protecting the privacy and integrity of IoT-enabled environments, our research will help to mitigate the escalating cybersecurity challenges faced by IoT devices.

Nadia Ansar,Mohammad Sadique Ansari,Mohammad Sharique,Aamina Khatoon,Md Abdul Malik,Md Munir Siddiqui

2024-06-18

Abstract:There have been significant issues given the IoT, with heterogeneity of billions of devices and with a large amount of data. This paper proposed an innovative design of the Internet of Things (IoT) Environment Intrusion Detection System (or IDS) using Deep Learning-integrated Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks. Our model, based on the CICIDS2017 dataset, achieved an accuracy of 99.52% in classifying network traffic as either benign or malicious. The real-time processing capability, scalability, and low false alarm rate in our model surpass some traditional IDS approaches and, therefore, prove successful for application in today's IoT networks. The development and the performance of the model, with possible applications that may extend to other related fields of adaptive learning techniques and cross-domain applicability, are discussed. The research involving deep learning for IoT cybersecurity offers a potent solution for significantly improving network security.

Artificial Intelligence,Cryptography and Security

Muhammad Asam,Saddam Hussain Khan,Tauseef Jamal,Asifullah Khan

DOI: https://doi.org/10.48550/arXiv.2202.04121

2022-02-09

Abstract:Interaction between devices, people, and the Internet has given birth to a new digital communication model, the Internet of Things (IoT). The seamless network of these smart devices is the core of this IoT model. However, on the other hand, integrating smart devices to constitute a network introduces many security challenges. These connected devices have created a security blind spot, where cybercriminals can easily launch an attack to compromise the devices using malware proliferation techniques. Therefore, malware detection is considered a lifeline for the survival of IoT devices against cyberattacks. This study proposes a novel IoT Malware Detection Architecture (iMDA) using squeezing and boosting dilated convolutional neural network (CNN). The proposed architecture exploits the concepts of edge and smoothing, multi-path dilated convolutional operations, channel squeezing, and boosting in CNN. Edge and smoothing operations are employed with split-transform-merge (STM) blocks to extract local structure and minor contrast variation in the malware images. STM blocks performed multi-path dilated convolutional operations, which helped recognize the global structure of malware patterns. Additionally, channel squeezing and merging helped to get the prominent reduced and diverse feature maps, respectively. Channel squeezing and boosting are applied with the help of STM block at the initial, middle and final levels to capture the texture variation along with the depth for the sake of malware pattern hunting. The proposed architecture has shown substantial performance compared with the customized CNN models. The proposed iMDA has achieved Accuracy: 97.93%, F1-Score: 0.9394, Precision: 0.9864, MCC: 0. 8796, Recall: 0.8873, AUC-PR: 0.9689 and AUC-ROC: 0.9938.

Cryptography and Security,Artificial Intelligence

Rajvardhan Patil,Wei Deng

DOI: https://doi.org/10.1109/southeastcon44009.2020.9368268

2020-01-01

Abstract:In this era, where the volume and diversity of malware is rising exponentially, new techniques need to be employed for faster and accurate identification of the malwares. Manual heuristic inspection of malware analysis are neither effective in detecting new malware, nor efficient as they fail to keep up with the high spreading rate of malware. Machine learning approaches have therefore gained momentum. They have been used to automate static and dynamic analysis investigation where malware having similar behavior are clustered together, and based on the proximity unknown malwares get classified to their respective families. Although many such research efforts have been conducted where data-mining and machine-learning techniques have been applied, in this paper we show how the accuracy can further be improved using deep learning networks. As deep learning offers superior classification by constructing neural networks with a higher number of potentially diverse layers it leads to improvement in automatic detection and classification of the malware variants.In this research, we present a framework which extracts various feature-sets such as system calls, operational codes, sections, and byte codes from the malware files. In the experimental and result section, we compare the accuracy obtained from each of these features and demonstrate that feature vector for system calls yields the highest accuracy. The paper concludes by showing how deep learning approach performs better than the traditional shallow machine learning approaches.

Md Rashed Buiya,A K M Nuruzzaman Laskar,Md Rafiqul Islam,Sanjib Kumar Shil Sawalmeh,Muhammad Shoyaibur Rahman Chowdhury Roy,Reza E Rabbi Shawon Roy,Md Sumsuzoha

DOI: https://doi.org/10.32996/jcsts.2024.6.4.16

2024-10-18

Journal of Computer Science and Technology Studies

Abstract:The IoT is one of the most revolutionary technological advancements of the contemporary era, embedding networked devices into nearly every aspect of human life, from smart homes and wearables to industrial systems and healthcare applications in the U.S.A. The immediate need for better cybersecurity in the U.S.A. arises from the increasing sophistication and frequency of cyberattacks on IoT systems. Machine learning and AI have emerged as promising technologies to deal with the security challenges IoT systems pose. Unlike traditional rule-based systems, ML models learn from large datasets to identify deviations from the normal behavior pattern that signifies malicious activity. The prime objective of this research is to design, curate, evaluate, and deploy state-of-the-art machine learning models that improve the detection of cyberattacks over IoT network traffic. This research used a well-established dataset that emulates IoT network traffic consisting of benign and malicious activities. Benchmarks like the UNSW-NB15, CICIDS2017, and TON_IoT have been in extensive use by researchers in this domain because they contain a rich variety of network traffic created by various IoT devices and systems along with corresponding labels that classify normal and associated with specific types of cyberattacks: DDOS, MITM, and botnet attacks. Data preprocessing and cleaning ensured that the dataset was consistent, complete, and in a format that helps machine learning algorithms learn from it. Imputation techniques used the feature's mean/median/mode to handle missing values. In this research project, two machine learning algorithms were used in the experiment, notably, Logistic Regression and Random Forest. In this study, the machine learning algorithms used in the experiment undertaken for the current research project are Logistic Regression and Random Forest. The performance of Random Forest was superior to Logistic Regression in almost all metrics. While Logistic Regression provided a strong baseline, it struggled with detecting attacks, as evidenced by its lower recall and higher number of false negatives. This implied that Logistic Regression was less reliable in detecting cyberattacks, which could be critical in real-world cybersecurity settings. By contrast, Random Forest attained impressive accuracy and significantly diminished the number of false negatives. Its higher precision and recall demonstrate that it is better suited for detecting attacks in this dataset, offering a more reliable solution for cyberattack detection.

Ijaz Ahmad,Zhong Wan,Ashfaq Ahmad,Syed Sajid Ullah

DOI: https://doi.org/10.3390/math12101437

IF: 2.4

2024-05-07

Mathematics

Abstract:The proliferation of Internet of Things (IoT) devices and their integration into critical infrastructure and business operations has rendered them susceptible to malware and cyber-attacks. Such malware presents a threat to the availability and reliability of IoT devices, and a failure to address it can have far-reaching impacts. Due to the limited resources of IoT devices, traditional rule-based detection systems are often ineffective against sophisticated attackers. This paper addressed these issues by designing a new framework that uses a machine learning (ML) algorithm for the detection of malware. Additionally, it also employed sequential detection architecture and evaluated eight malware datasets. The design framework is lightweight and effective in data processing and feature selection algorithms. Moreover, this work proposed a classification model that utilizes one support vector machine (SVM) algorithm and is individually tuned with three different optimization algorithms. The employed optimization algorithms are Nuclear Reactor Optimization (NRO), Artificial Rabbits Optimization (ARO), and Particle Swarm Optimization (PSO). These algorithms are used to explore a diverse search space and ensure robustness in optimizing the SVM for malware detection. After extensive simulations, our proposed framework achieved the desired accuracy among eleven existing ML algorithms and three proposed ensemblers (i.e., NRO_SVM, ARO_SVM, and PSO_SVM). Among all algorithms, NRO_SVM outperforms the others with an accuracy rate of 97.8%, an F1 score of 97%, and a recall of 99%, and has fewer false positives and false negatives. In addition, our model successfully identified and prevented malware-induced attacks with a high probability of recognizing new evolving threats.

mathematics

Sidra Abbas,Shtwai Alsubai,Stephen Ojo,Gabriel Avelino Sampedro,Ahmad Almadhor,Abdullah Al Hejaili,Imen Bouazzi,Abbas, Sidra,Ojo, Stephen,Sampedro, Gabriel Avelino

DOI: https://doi.org/10.1007/s11227-024-05993-2

IF: 3.3

2024-03-10

The Journal of Supercomputing

Abstract:The rapid growth of Internet of Things (IoT) devices has changed human interactions with the environment. IoT networks require specialized defense strategies distinct from traditional corporate contexts. Security measures such as anti-malware software, firewalls, authentication protocols, and encryption techniques are established but face limitations against evolving attack strategies. Therefore, this study proposes an intrusion detection approach for a realistic IoT environment, employing various variants of deep learning models such as deep neural networks (DNNs), convolutional neural networks (CNNs), and recurrent neural networks (RNNs). The research tested three variants for each model: DNN1, DNN2, DNN3, CNN1, CNN2, CNN3, RNN1, RNN2, RNN3 . All these variants are customized and tuned differently to analyze the efficacy of the suggested methodology. Likewise, notable observation highlights the significance of aligning training and validation accuracy curves that indicate controlled overfitting, validating the model's reliability in accurately predicting intrusion and benign network traffic in IoT settings. Results reveal that RNN1 achieves the best results: accuracy of 98.61%, precision of 98.55%, recall of 98.61%, and F1-score of 98.57% compared with other DNN and CNN architectures and benchmark papers. This study advances intrusion detection within IoT networks through a comprehensive evaluation of deep learning models and inspires ongoing research to enhance intrusion detection systems' resilience in dynamic IoT environments.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Abdulwahab Ali Almazroi,Nasir Ayub

DOI: https://doi.org/10.3390/systems11110547

2023-11-11

Systems

Abstract:The Internet of Things (IoT) constitutes the foundation of a deeply interconnected society in which objects communicate through the Internet. This innovation, coupled with 5G and artificial intelligence (AI), finds application in diverse sectors like smart cities and advanced manufacturing. With increasing IoT adoption comes heightened vulnerabilities, prompting research into identifying IoT malware. While existing models excel at spotting known malicious code, detecting new and modified malware presents challenges. This paper presents a novel six-step framework. It begins with eight malware attack datasets as input, followed by insights from Exploratory Data Analysis (EDA). Feature engineering includes scaling, One-Hot Encoding, target variable analysis, feature importance using MDI and XGBoost, and clustering with K-Means and PCA. Our GhostNet ensemble, combined with the Gated Recurrent Unit Ensembler (GNGRUE), is trained on these datasets and fine-tuned using the Jaya Algorithm (JA) to identify and categorize malware. The tuned GNGRUE-JA is tested on malware datasets. A comprehensive comparison with existing models encompasses performance, evaluation criteria, time complexity, and statistical analysis. Our proposed model demonstrates superior performance through extensive simulations, outperforming existing methods by around 15% across metrics like AUC, accuracy, recall, and hamming loss, with a 10% reduction in time complexity. These results emphasize the significance of our study’s outcomes, particularly in achieving cost-effective solutions for detecting eight malware strains.

S. Sasikala,Sengathir Janakiraman

DOI: https://doi.org/10.1007/s11277-023-10693-w

IF: 2.017

2023-09-21

Wireless Personal Communications

Abstract:Internet of Things (IoT) is the recent digital trend that connects the physical and virtual world. The strong bonding between the people, objects, machines and the web are assisting to develop new business models and also ensuring a better communication framework. On the other side, IoT devices are the main targets for cybercriminals that take vulnerable action over the authentication model, outdated data services and the malware. Henceforth, the security metrics of IoT devices is explored by several researchers while focusing on IoT malware. Many studies on the security issues for IoT systems are explored. Specifically, the employment of Machine learning techniques used for detecting the IoT malwares is studied. In this paper, a detailed survey on detecting the IoT malware using ML techniques are presented. Initially, the fundamentals of the malware analysis and the process and tools used to identify the malwares are discussed. The main intention of this survey is to support the security analysts who are interested to understand and innovate new trends in ML for IoT devices. This study is categorized into two groups, namely, machine learning techniques and neural networks. Both the groups are reviewed from the aspects of preprocessing and feature extraction process of the suggested ML techniques. The study ends the research issues in this field from the aspects of evaluating the performance of methods, as dataset collection, parameter optimization, neural network structure, throughput and scalability.

telecommunications

Amir Djenna,Ahmed Bouridane,Saddaf Rubab,Ibrahim Moussa Marou

DOI: https://doi.org/10.3390/sym15030677

2023-03-09

Symmetry

Abstract:Malware, a lethal weapon of cyber attackers, is becoming increasingly sophisticated, with rapid deployment and self-propagation. In addition, modern malware is one of the most devastating forms of cybercrime, as it can avoid detection, make digital forensics investigation in near real-time impossible, and the impact of advanced evasion strategies can be severe and far-reaching. This makes it necessary to detect it in a timely and autonomous manner for effective analysis. This work proposes a new systematic approach to identifying modern malware using dynamic deep learning-based methods combined with heuristic approaches to classify and detect five modern malware families: adware, Radware, rootkit, SMS malware, and ransomware. Our symmetry investigation in artificial intelligence and cybersecurity analytics will enhance malware detection, analysis, and mitigation abilities to provide resilient cyber systems against cyber threats. We validated our approach using a dataset that specifically contains recent malicious software to demonstrate that the model achieves its goals and responds to real-world requirements in terms of effectiveness and efficiency. The experimental results indicate that the combination of behavior-based deep learning and heuristic-based approaches for malware detection and classification outperforms the use of static deep learning methods.

multidisciplinary sciences

Hamad Naeem,Bandar M. Alshammari,Farhan Ullah

DOI: https://doi.org/10.1155/2022/7671967

IF: 3.12

2022-07-17

Computational Intelligence and Neuroscience

Abstract:Automated malware detection is a prominent issue in the world of network security because of the rising number and complexity of malware threats. It is time-consuming and resource intensive to manually analyze all malware files in an application using traditional malware detection methods. Polymorphism and code obfuscation were created by malware authors to bypass the standard signature-based detection methods used by antivirus vendors. Malware detection using deep learning (DL) approaches has recently been implemented in an effort to address this problem. This study compares the detection of IoT device malware using three current state-of-the-art CNN models that have been pretrained. Large-scale learning performance using GNB, SVM, DT, LR, K-NN, and ensemble classifiers with CNN models is also included in the results. In light of the findings, a pretrained Inception-v3 CNN-based transfer learned model with fine-tuned strategy is proposed to identify IoT device malware by utilizing color image malware display of android Dalvik Executable File (DEX). Inception-v3 retrieves the malware's most important features. After that, a global max-pooling layer is applied, and a SoftMax classifier is used to classify the features. Finally, gradient-weighted class activation mapping (Grad-CAM) along the t-distributed stochastic neighbor embedding (t-SNE) is used to understand the overall performance of the proposed method. The proposed method achieved an accuracy of 98.5% and 91%, respectively, in the binary and multiclass prediction of malware images from IoT devices, exceeding the comparison methods in different evaluation parameters.

mathematical & computational biology,neurosciences