Robust Malware Detection for Internet of (Battlefield) Things Devices Using Deep Eigenspace Learning

Internet of Things (IoT) in military settings generally consists of a diverse range of Internet-connected devices and nodes (e.g., medical devices and wearable combat uniforms). These IoT devices and nodes are a valuable target for cyber criminals, particularly state-sponsored or nation state actors...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on sustainable computing 2019-01, Vol.4 (1), p.88-95
Main Authors: Azmoodeh, Amin, Dehghantanha, Ali, Choo, Kim-Kwang Raymond
Format: Article
Language:English
Subjects:
Androids
Battlefields
Computer security
deep eigenspace learning
deep learning
Feature extraction
Internet
internet of battlefield things
Internet of Things
Internet of things malware
Machine learning
Malware
malware detection
Medical devices
Medical electronics
Medical equipment
Military technology
Nodes
Robustness
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Internet of Things (IoT) in military settings generally consists of a diverse range of Internet-connected devices and nodes (e.g., medical devices and wearable combat uniforms). These IoT devices and nodes are a valuable target for cyber criminals, particularly state-sponsored or nation state actors. A common attack vector is the use of malware. In this paper, we present a deep learning based method to detect Internet Of Battlefield Things (IoBT) malware via the device's Operational Code (OpCode) sequence. We transmute OpCodes into a vector space and apply a deep Eigenspace learning approach to classify malicious and benign applications. We also demonstrate the robustness of our proposed approach in malware detection and its sustainability against junk code insertion attacks. Lastly, we make available our malware sample on Github, which hopefully will benefit future research efforts (e.g., to facilitate evaluation of future malware detection approaches).
ISSN:2377-3782
2377-3782
2377-3790
DOI:10.1109/TSUSC.2018.2809665