Tran, Nghi Phu and Le, Huy Hoang and Nguyen, Ngoc Toan and Nguyen, Dai Tho and Nguyen, Ngoc Binh
(2019)
CFDVex: A Novel Feature Extraction Method for Detecting Cross-Architecture IoT Malware.
In: 10th International Symposium on Information and Communication Technology (SoICT 2019), December 4 – 6, 2019, Ha Noi - Ha Long.
Abstract
The widespread adoption of Internet of Things (IoT) devices built on different architectures has given rise to the creation and development of multi-architecture malware for mass compromise. Cross-architecture malware detection plays an important role in detecting malware early on devices using new or unfamiliar architectures. Prior knowledge of malware detection on traditional architectures can be inherited for the same task on new and uncommon ones. Based on CFD and the Vex intermediate representation, we propose a feature selection method for detecting cross-architecture malware, called CFDVex. Experimental evaluation of the proposed approach on our large IoT dataset achieved good results for cross-architecture malware detection. With an SVM model trained only on Intel 80386 architecture samples, our method detected IoT malware in MIPS architecture samples with 95.72% accuracy and a 2.81% false positive rate.