Lightweight Classification of IoT Malware Based on Image Recognition

• Published in: 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC) Vol. 2; pp. 664 - 669
• Main Authors: Su, Jiawei, Vasconcellos, Danilo Vargas, Prasad, Sanjiva, Sgandurra, Daniele, Feng, Yaokai, Sakurai, Kouichi
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.07.2018
• Subjects: Cloud computing; Computer crime; Convolutional Neural Network; Convolutional neural networks; Feature extraction; IoT cyber-security; Machine learning; Malware; Malware image classification; Servers
• ISBN: 1538626675; 9781538626672
• ISSN: 0730-3157
• DOI: 10.1109/COMPSAC.2018.10315

The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional function-specific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDos malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94:0% accuracy for the classification of goodware and DDoS malware and 81:8% accuracy for the classification of goodware and two main malware families.