Graph-based IoT malware family classification
Loading...
Files
Date
2021
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
University of New Brunswick
Abstract
Internet of Things malware has become one of the main cyber-threats nowadays. There is no comprehensive study in a feature-based manner for IoT malware detection approaches to the best of our knowledge. Moreover, the studies show that there is a lack of IoT malware family classification system. This thesis attempts to bridge these gaps by proposing a feature-based IoT malware taxonomy and a graph-based IoT malware family classification framework by combining the FCGs and fuzzy hashes. We introduce the Aggregated Weighted Graph (AWGH) of Hashes, representing each IoT malware family's structure. We use IDA Pro [60] for generating the FCGs, ssdeep [3] for computing the fuzzy hashes, and Python for developing the fully automated framework. To evaluate the system's effectiveness, we use the VirusTotal dataset [4] and provide a comparative analysis with different IoT malware regarding their CPU architectures (MIPS, ARM, i386, PowerPC, and AMD64). The results show the effectiveness of our framework.