An Efficient Algorithm to Extract Control Flow-Based Features for IoT Malware Detection

Abstract Control flow-based feature extraction method has the ability to detect malicious code with higher accuracy than traditional text-based methods. Unfortunately, this method has been encountered with the NP-hard problem, which is infeasible for the large-sized and high-complexity programs. To...

Full description

Saved in:
Bibliographic Details
Published in:Computer journal 2021-04, Vol.64 (4), p.599-609
Main Authors: Nghi Phu, Tran, Dai Tho, Nguyen, Huy Hoang, Le, Ngoc Toan, Nguyen, Ngoc Binh, Nguyen
Format: Article
Language:English
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Abstract Control flow-based feature extraction method has the ability to detect malicious code with higher accuracy than traditional text-based methods. Unfortunately, this method has been encountered with the NP-hard problem, which is infeasible for the large-sized and high-complexity programs. To tackle this, we propose a control flow-based feature extraction dynamic programming algorithm for fast extraction of control flow-based features with polynomial time O($N^{2}$), where N is the number of basic blocks in decompiled executable codes. From the experimental results, it is demonstrated that the proposed algorithm is more efficient and effective in detecting malware than the existing ones. Applying our algorithm to an Internet of Things dataset gives better results on three measures: Accuracy = 99.05%, False Positive Rate = 1.31% and False Negative Rate = 0.66%.
ISSN:0010-4620
1460-2067
DOI:10.1093/comjnl/bxaa087