Massive IoT Malware Classification Method Using Binary Lifting

Jeong, Hae-Seon; Kwak, Jin

doi:10.32604/iasc.2022.021038

Cited by 1 publication

(1 citation statement)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Addressing the challenge of classifying Linux malware across various heterogeneous architectures, Jeong et al [21] proposes leveraging binary lifting. The core idea in this paper is to translate the binary codes of different architectures into a high-level intermediate representation (IR) using binary lifting.…”

Section: Literature Reviewmentioning

confidence: 99%

Linux IoT Malware Variant Classification Using Binary Lifting and Opcode Entropy

Ramamoorthy,

Gupta,

Shashidhar

et al. 2024

Electronics

View full text Add to dashboard Cite

Binary function analysis is fundamental in understanding the behavior and genealogy of malware. The detection, classification, and analysis of Linux IoT malware and its variants present significant challenges due to the wide range of architectures supported by the Linux IoT platform. This study concentrates on static analysis using binary lifting techniques to extract and analyze Intermediate Representation (IR) opcode sequences. We introduce a set of statistical entropy-based features derived from these IR opcode sequences, establishing a practical and straightforward methodology for machine learning classification models. By exclusively analyzing function metadata and opcode entropy, our architecture-agnostic approach not only efficiently detects malware but also classifies its variants with a high degree of accuracy, achieving an F1 score of 97%. The proposed approach offers a robust alternative for enhancing malware detection and variant identification frameworks for IoT devices.

show abstract

Section: Literature Reviewmentioning

confidence: 99%