An Inside Look at IoT Malware

Wang, Aohui; Liang, Ruigang; Liu, Xiaokang; Zhang, Yingjun; Chen, Kai; Li, Jin

doi:10.1007/978-3-319-60753-5_19

Cited by 40 publications

(29 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Typically, an IoT device application layer includes local web applications, cloud-based applications, and smartphone apps that are accessible to numerous third party app markets leading to security threats [57,58]. Hence, multiple IoT malware attacks are possible and these fall under two main categories according to the way in which IoT malware infects devices: (i) by brute force attacks through a dictionary of weak usernames and passwords; (ii) by exploiting unfixed or zero-day vulnerabilities found in IoT devices [43]. With Big Data and IoT, the malware datasets could be complex and unstructured that require more dynamic and scalable visualisation and more efficient feature extraction [44].…”

Section: Resultsmentioning

confidence: 99%

“…Rootkits, log files, password/hidden files, and processes are some of the avenues through which compromises could be analysed contextually using automatic and semiautomatic tools primarily based on the patterns exhibited by malware [42]. However, with the present Big Data scenario, such analysis becomes complex and time-consuming to undergo a comprehensive and thorough investigation of malware samples and to accurately detect and classify zero-day malware [43,44]. We propose a visualisation of malware behaviour patterns to address this problem.…”

Section: Proposed Methods Using Similarity Miningmentioning

confidence: 99%

See 1 more Smart Citation

Use of Data Visualisation for Zero-Day Malware Detection

Venkatraman¹,

Alazab

2018

Security and Communication Networks

118

View full text Add to dashboard Cite

With the explosion of Internet of Things (IoT) worldwide, there is an increasing threat from malicious software (malware) attackers that calls for efficient monitoring of vulnerable systems. Large amounts of data collected from computer networks, servers, and mobile devices need to be analysed for malware proliferation. Effective analysis methods are needed to match with the scale and complexity of such a data-intensive environment. In today’s Big Data contexts, visualisation techniques can support malware analysts going through the time-consuming process of analysing suspicious activities thoroughly. This paper takes a step further in contributing to the evolving realm of visualisation techniques used in the information security field. The aim of the paper is twofold: (1) to provide a comprehensive overview of the existing visualisation techniques for detecting suspicious behaviour of systems and (2) to design a novel visualisation using similarity matrix method for establishing malware classification accurately. The prime motivation of our proposal is to identify obfuscated malware using visualisation of the extended x86 IA-32 (opcode) similarity patterns, which are hard to detect with the existing approaches. Our approach uses hybrid models wherein static and dynamic malware analysis techniques are combined effectively along with visualisation of similarity matrices in order to detect and classify zero-day malware efficiently. Overall, the high accuracy of classification achieved with our proposed method can be visually observed since different malware families exhibit significantly dissimilar behaviour patterns.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Proposed Methods Using Similarity Miningmentioning

confidence: 99%

Use of Data Visualisation for Zero-Day Malware Detection

Venkatraman¹,

Alazab

2018

Security and Communication Networks

118

View full text Add to dashboard Cite

show abstract

“…In this vein, as it has been highlighted in Section V, information-hiding-capable threats and steganographic malware can become the new ingredient for the creation of even more sophisticated malware, which can endanger a variety of setups (even not unimaginable today). For instance, the authors of [191] dissected the various techniques used by the Mirai malware targeting IoT nodes. Even if not strictly related to steganography, Mirai also exploits mechanisms to hide the presence of the process, to avoid being spotted.…”

Section: Attack Trends and Research Directionsmentioning

confidence: 99%

Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection

Caviglione

Choraś

Corona³

et al. 2021

IEEE Access

100

View full text Add to dashboard Cite

“…This metadata may contain sensitive information, so it is essential not to have information such as a password because it would allow attackers to access resources more quickly. Attackers seek to identify credentials in the metadata using the SSRF vulnerability in the [26], [36], [37] The average password length on IoT devices is short. public frontend.…”

Section: Introductionmentioning

confidence: 99%