Tran, Nghi Phu and Le, Huy Hoang and Nguyen, Ngoc Toan and Nguyen, Dai Tho and Nguyen, Ngoc Binh
(2019)
C500-CFG: A Novel Algorithm to Extract Control Flow-Based Features for IoT Malware Detection.
In: 19th International Symposium on Communications and Information Technologies (ISCIT 2019), September 25 - 27, 2019, Ho Chi Minh City.
Abstract
Control flow-based features, a static feature extraction method proposed by Ding, can detect malicious code with higher accuracy than traditional text-based methods. However, this method has to solve an NP-hard problem on a graph, so it is not feasible for large, high-complexity programs. We therefore propose the C500-CFG algorithm for control flow-based features, based on the idea of dynamic programming, which solves Ding’s NP-hard problem with an algorithm of polynomial complexity O(N^2), where N is the number of basic blocks in the decompiled executable code. Our algorithm is more efficient and better at detecting malware than Ding’s algorithm: it has a fast processing time, allows processing of large files, uses less memory and extracts more feature information. Applying our algorithm to IoT data sets gives outstanding results on 2 measures: Accuracy = 99.34%, F1-Score = 99.32%.