A novel lightweight Machine Learning framework for IoT malware classification based on matrix block mean Downsampling

• Published in: Ain Shams Engineering Journal Vol. 16; no. 1; p. 103205
• Main Authors: Farfoura, Mahmoud E., Mashal, Ibrahim, Alkhatib, Ahmad, Batyha, Radwan M., Rosiyadi, Didi
• Format: Journal Article
• Language: English
• Published: Elsevier B.V 01.01.2025; Elsevier
• Subjects: Classification; Dimensionality reduction; Internet of Things; LDA; LGBM; Logistic regression; Machine learning; Malware; Matrix Block Mean Downsampling; Random forest; Dimensionality reduction; Logistic regression; LGBM; Machine learning; Classification; LDA; Malware; Random forest; Matrix Block Mean Downsampling; Internet of Things
• ISSN: 2090-4479
• DOI: 10.1016/j.asej.2024.103205

In recent years, the number of smart objects connected through the Internet of Things (IoT) has increased significantly. These smart objects are susceptible to cybersecurity threats and are easily affected by IoT malware. Malwares, if not detected, can harm different components of the IoT: smart objects, communication network, and the applications, leading to data theft and privacy breach. Despite that machine learning is incredibly successful at detecting malware, it cannot be deployed in IoT environment due to its computation complexity and high processing resources it demands. This paper proposes a lightweight machine learning framework for real-time IoT malware detection with limited computing burden. The framework is based on novel feature extraction technique; the Matrix Block Mean Downsampling (MBMD), and various machine learning algorithms are implemented. The experiments carried out on BODMAS dataset show the superiority of the proposed approach in detecting IoT malware with an F1-score of more than 99%.