TY  - CONF
ID  - SisLab3763
UR  - https://soict.org/
A1  - Tran, Nghi Phu
A1  - Le, Huy Hoang
A1  - Nguyen, Ngoc Toan
A1  - Nguyen, Dai Tho
A1  - Nguyen, Ngoc Binh
Y1  - 2019/12//
N2  - The widespread adoption of Internet of Things (IoT) devices built on different architectures gave rise to the creation and development of multi-architecture malware for mass compromise. Crossarchitecture malware detection plays an important role in detecting malware early on devices using new or strange architectures. Prior knowledge of malware detection on traditional architectures can be inherited for the same task on new and uncommon ones. Basing on CFD and Vex intermediate representation, we propose a feature selection method to detect cross-architecture malware, called CFDVex. Experimental evaluation of the proposed approach on our large IoT dataset achieved good results for cross-architecture malware detection. We only trained a SVM model by Intel 80386 architecture samples, our method could detect the IoT malware for the MIPS architecture samples with 95.72% of accuracy and 2.81% false positive rate.
TI  - CFDVex: A Novel Feature Extraction Method for Detecting Cross-Architecture IoT Malware
SP  - 248
M2  - Ha Noi - Ha Long
AV  - public
EP  - 254
T2  - 10th International Symposium on Information and Communication Technology (SoICT 2019)
ER  -