IoT malware: An attribute-based taxonomy, detection mechanisms and challenges

• Published in: Peer-to-peer networking and applications Vol. 16; no. 3; pp. 1380 - 1431
• Main Authors: Victor, Princy, Lashkari, Arash Habibi, Lu, Rongxing, Sasi, Tinshu, Xiong, Pulei, Iqbal, Shahrear
• Format: Journal Article
• Language: English
• Published: New York Springer US 01.05.2023; Springer Nature B.V
• Subjects: Communications Engineering; Computer architecture; Computer Communication Networks; Cybersecurity; Engineering; Information Systems and Communication Service; Internet of Things; Malware; Networks; Programming languages; Signal,Image and Speech Processing; Supply chains; Taxonomy; Malware; Internet of Things; Taxonomy; Challenges of malware detection methods
• ISSN: 1936-6442; 1936-6450
• DOI: 10.1007/s12083-023-01478-w

During the past decade, the Internet of Things (IoT) has paved the way for the ongoing digitization of society in unique ways. Its penetration into enterprise and day-to-day lives improved the supply chain in numerous ways. Unfortunately, the profuse diversity of IoT devices has become an attractive target for malware authors who take advantage of its vulnerabilities. Accordingly, enhancing the security of IoT devices has become the primary objective of industrialists and researchers. However, most present studies lack a deep understanding of IoT malware and its various aspects. As understanding IoT malware is the preliminary base of research, in this work, we present an IoT malware taxonomy with 100 attributes based on the IoT malware categories, attack types, attack surfaces, malware distribution architecture, victim devices, victim device architecture, IoT malware characteristics, access mechanisms, programming languages, and protocols. In addition, we have mapped these categories into 77 IoT Malwares identified between 2008 and 2022. Furthermore, To provide insight into the challenges in IoT malware research for future researchers, our study also reviews the existing IoT malware detection works.