Lightweight Classification of IoT Malware Based on Image Recognition

Jiawei Su, Danilo Vasconcellos Vargas, Sanjiva Prasad, Sgandurra Daniele, Yaokai Feng, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

8 Citations (Scopus)

Abstract

The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional functionspecific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDos malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94:0% accuracy for the classification of goodware and DDoS malware, and 81:8% accuracy for the classification of goodware and two main malware families.

Original languageEnglish
Title of host publicationProceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018
EditorsClaudio Demartini, Sorel Reisman, Ling Liu, Edmundo Tovar, Hiroki Takakura, Ji-Jiang Yang, Chung-Horng Lung, Sheikh Iqbal Ahamed, Kamrul Hasan, Thomas Conte, Motonori Nakamura, Zhiyong Zhang, Toyokazu Akiyama, William Claycomb, Stelvio Cimato
PublisherIEEE Computer Society
Pages664-669
Number of pages6
ISBN (Electronic)9781538626665
DOIs
Publication statusPublished - Jun 8 2018
Event42nd IEEE Computer Software and Applications Conference, COMPSAC 2018 - Tokyo, Japan
Duration: Jul 23 2018Jul 27 2018

Publication series

NameProceedings - International Computer Software and Applications Conference
Volume2
ISSN (Print)0730-3157

Other

Other42nd IEEE Computer Software and Applications Conference, COMPSAC 2018
CountryJapan
CityTokyo
Period7/23/187/27/18

Fingerprint

Image recognition
Internet
Domestic appliances
Cameras
Internet of things
Malware
Neural networks
Controllers
Monitoring
Sensors

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Science Applications

Cite this

Su, J., Vargas, D. V., Prasad, S., Daniele, S., Feng, Y., & Sakurai, K. (2018). Lightweight Classification of IoT Malware Based on Image Recognition. In C. Demartini, S. Reisman, L. Liu, E. Tovar, H. Takakura, J-J. Yang, C-H. Lung, S. I. Ahamed, K. Hasan, T. Conte, M. Nakamura, Z. Zhang, T. Akiyama, W. Claycomb, ... S. Cimato (Eds.), Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018 (pp. 664-669). [8377943] (Proceedings - International Computer Software and Applications Conference; Vol. 2). IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2018.10315

Lightweight Classification of IoT Malware Based on Image Recognition. / Su, Jiawei; Vargas, Danilo Vasconcellos; Prasad, Sanjiva; Daniele, Sgandurra; Feng, Yaokai; Sakurai, Kouichi.

Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018. ed. / Claudio Demartini; Sorel Reisman; Ling Liu; Edmundo Tovar; Hiroki Takakura; Ji-Jiang Yang; Chung-Horng Lung; Sheikh Iqbal Ahamed; Kamrul Hasan; Thomas Conte; Motonori Nakamura; Zhiyong Zhang; Toyokazu Akiyama; William Claycomb; Stelvio Cimato. IEEE Computer Society, 2018. p. 664-669 8377943 (Proceedings - International Computer Software and Applications Conference; Vol. 2).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Su, J, Vargas, DV, Prasad, S, Daniele, S, Feng, Y & Sakurai, K 2018, Lightweight Classification of IoT Malware Based on Image Recognition. in C Demartini, S Reisman, L Liu, E Tovar, H Takakura, J-J Yang, C-H Lung, SI Ahamed, K Hasan, T Conte, M Nakamura, Z Zhang, T Akiyama, W Claycomb & S Cimato (eds), Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018., 8377943, Proceedings - International Computer Software and Applications Conference, vol. 2, IEEE Computer Society, pp. 664-669, 42nd IEEE Computer Software and Applications Conference, COMPSAC 2018, Tokyo, Japan, 7/23/18. https://doi.org/10.1109/COMPSAC.2018.10315
Su J, Vargas DV, Prasad S, Daniele S, Feng Y, Sakurai K. Lightweight Classification of IoT Malware Based on Image Recognition. In Demartini C, Reisman S, Liu L, Tovar E, Takakura H, Yang J-J, Lung C-H, Ahamed SI, Hasan K, Conte T, Nakamura M, Zhang Z, Akiyama T, Claycomb W, Cimato S, editors, Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018. IEEE Computer Society. 2018. p. 664-669. 8377943. (Proceedings - International Computer Software and Applications Conference). https://doi.org/10.1109/COMPSAC.2018.10315
Su, Jiawei ; Vargas, Danilo Vasconcellos ; Prasad, Sanjiva ; Daniele, Sgandurra ; Feng, Yaokai ; Sakurai, Kouichi. / Lightweight Classification of IoT Malware Based on Image Recognition. Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018. editor / Claudio Demartini ; Sorel Reisman ; Ling Liu ; Edmundo Tovar ; Hiroki Takakura ; Ji-Jiang Yang ; Chung-Horng Lung ; Sheikh Iqbal Ahamed ; Kamrul Hasan ; Thomas Conte ; Motonori Nakamura ; Zhiyong Zhang ; Toyokazu Akiyama ; William Claycomb ; Stelvio Cimato. IEEE Computer Society, 2018. pp. 664-669 (Proceedings - International Computer Software and Applications Conference).
@inproceedings{e388eccef9754d9dbf135ee3d2b34827,
title = "Lightweight Classification of IoT Malware Based on Image Recognition",
abstract = "The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional functionspecific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDos malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94:0{\%} accuracy for the classification of goodware and DDoS malware, and 81:8{\%} accuracy for the classification of goodware and two main malware families.",
author = "Jiawei Su and Vargas, {Danilo Vasconcellos} and Sanjiva Prasad and Sgandurra Daniele and Yaokai Feng and Kouichi Sakurai",
year = "2018",
month = "6",
day = "8",
doi = "10.1109/COMPSAC.2018.10315",
language = "English",
series = "Proceedings - International Computer Software and Applications Conference",
publisher = "IEEE Computer Society",
pages = "664--669",
editor = "Claudio Demartini and Sorel Reisman and Ling Liu and Edmundo Tovar and Hiroki Takakura and Ji-Jiang Yang and Chung-Horng Lung and Ahamed, {Sheikh Iqbal} and Kamrul Hasan and Thomas Conte and Motonori Nakamura and Zhiyong Zhang and Toyokazu Akiyama and William Claycomb and Stelvio Cimato",
booktitle = "Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018",
address = "United States",

}

TY - GEN

T1 - Lightweight Classification of IoT Malware Based on Image Recognition

AU - Su, Jiawei

AU - Vargas, Danilo Vasconcellos

AU - Prasad, Sanjiva

AU - Daniele, Sgandurra

AU - Feng, Yaokai

AU - Sakurai, Kouichi

PY - 2018/6/8

Y1 - 2018/6/8

N2 - The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional functionspecific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDos malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94:0% accuracy for the classification of goodware and DDoS malware, and 81:8% accuracy for the classification of goodware and two main malware families.

AB - The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional functionspecific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDos malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94:0% accuracy for the classification of goodware and DDoS malware, and 81:8% accuracy for the classification of goodware and two main malware families.

UR - http://www.scopus.com/inward/record.url?scp=85055577661&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85055577661&partnerID=8YFLogxK

U2 - 10.1109/COMPSAC.2018.10315

DO - 10.1109/COMPSAC.2018.10315

M3 - Conference contribution

AN - SCOPUS:85055577661

T3 - Proceedings - International Computer Software and Applications Conference

SP - 664

EP - 669

BT - Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018

A2 - Demartini, Claudio

A2 - Reisman, Sorel

A2 - Liu, Ling

A2 - Tovar, Edmundo

A2 - Takakura, Hiroki

A2 - Yang, Ji-Jiang

A2 - Lung, Chung-Horng

A2 - Ahamed, Sheikh Iqbal

A2 - Hasan, Kamrul

A2 - Conte, Thomas

A2 - Nakamura, Motonori

A2 - Zhang, Zhiyong

A2 - Akiyama, Toyokazu

A2 - Claycomb, William

A2 - Cimato, Stelvio

PB - IEEE Computer Society

ER -