Abstract:
With the development of 5G networks, IoT devices are increasingly used in industrial and household settings. Because IoT devices run on many different CPU architectures, traditional signature-based and single-architecture detection methods are not effective for detecting cross-architecture malware. To solve this problem, we propose a cross-architecture IoT malware detection system based on Graph Attention Networks (GAT). We employ the control flow graph (CFG) extracted from the binary executable file as the graph structure, and Opcode and PSI as the feature attributes of the graph nodes. Through GAT, we obtain the neighborhood features of each node, assign different weights to different nodes in the neighborhood, and finally complete detection. Different training phases are allocated to the edge and the cloud center for execution to improve system performance and protect user data privacy. The experimental results show that the detection accuracy of our system reaches 99.67%. Compared with existing detection methods, we obtained the best accuracy.
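The neighborhood weighting described in the abstract, as an added example that is not the authors' code: one single-head GAT aggregation step in plain Python over a constructed four-block CFG. The opcode-count features, the fixed parameters `W` and `A`, the undirected neighborhood and the mean pooling are assumptions for illustration; the paper's actual Opcode/PSI encoding is not given on this page.

```python
import math

# Constructed toy CFG: 4 basic blocks, directed edges as adjacency lists.
CFG = {0: [1, 2], 1: [3], 2: [3], 3: []}
# Constructed node features: counts of [move, arithmetic, branch, call]
# opcodes per block (a stand-in for the paper's Opcode/PSI attributes).
X = {0: [3.0, 1.0, 1.0, 0.0], 1: [1.0, 2.0, 0.0, 1.0],
     2: [0.0, 0.0, 1.0, 2.0], 3: [2.0, 0.0, 0.0, 0.0]}
# Fixed, untrained parameters (assumed): W projects 4 -> 2 dimensions,
# A scores the concatenated pair [W h_i || W h_j].
W = [[0.5, -0.2, 0.1, 0.3], [0.1, 0.4, -0.3, 0.2]]
A = [0.3, -0.1, 0.2, 0.4]

def project(h):
    return [sum(w * x for w, x in zip(row, h)) for row in W]

def leaky_relu(v, slope=0.2):
    return v if v > 0 else slope * v

def neighbourhood(i):
    # Attend over the node itself plus successors and predecessors
    # (the CFG is treated as undirected here, an assumption).
    preds = [u for u, vs in CFG.items() if i in vs]
    return sorted(set([i] + CFG[i] + preds))

def attention(i):
    """Softmax-normalised weights alpha_ij over node i's neighbourhood."""
    zi = project(X[i])
    # zi + project(X[j]) is list concatenation: [W h_i || W h_j].
    scores = {j: leaky_relu(sum(a * z for a, z in zip(A, zi + project(X[j]))))
              for j in neighbourhood(i)}
    m = max(scores.values())  # subtract the max for numerical stability
    exp = {j: math.exp(s - m) for j, s in scores.items()}
    total = sum(exp.values())
    return {j: e / total for j, e in exp.items()}

def gat_layer():
    """Aggregation step: h_i' = sum_j alpha_ij * W h_j (output activation omitted)."""
    out = {}
    for i in CFG:
        alpha = attention(i)
        out[i] = [sum(alpha[j] * project(X[j])[k] for j in alpha)
                  for k in range(len(W))]
    return out

def graph_embedding():
    # Mean-pool node embeddings into one vector a classifier could consume.
    h = gat_layer()
    return [sum(v[k] for v in h.values()) / len(h) for k in range(len(W))]
```

Because the attention weights are computed from projected block features rather than from architecture-specific byte patterns, the same layer applies to any binary once its CFG and node features are extracted.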
I. INTRODUCTION
In recent years, with the rapid development of intelligent Internet of Things applications, attackers have used a steady stream of malware and its variants to pose a huge security threat to IoT devices, for example by controlling a large number of IoT devices to launch DDoS attacks on a central server. In 2018, attackers used IoT devices infected with Mirai [1] to launch DDoS attacks on the GitHub website, which had a huge impact on the GitHub backend and its users. To protect legitimate users from these threats, anti-malware providers usually offer software products based on signature methods to detect threats. However, attackers can easily use techniques such as instruction virtualization, packing, and polymorphism to avoid detection. Moreover, because IoT devices often have different CPU architectures, traditional signature-based and single-architecture detection methods are not effective against cross-architecture malware.
In recent years, deep learning algorithms, including recurrent neural networks (RNN) [2], convolutional neural networks (CNN) [3] and deep neural networks (DNN) [4], have played a variety of irreplaceable roles in malware detection, which is considered an emerging research area. This encourages anti-malware providers to find novel detection methods based on deep learning techniques. The work [5] converted the Opcodes of executable files into a vector space and applied fuzzy and fast fuzzy pattern tree methods to detect IoT malware. The authors performed the experiment on an ARM-based IoT dataset containing 1078 benign samples and 128 malware samples, and the accuracy rate reached 99.83%. However, due to the diversity of instruction set architectures used in IoT devices, its effectiveness on heterogeneous IoT malware is doubtful. The work [6] proposed a function selection method for detecting cross-architecture malware, called CFDVex. This experiment achieved good results in cross-architecture malware detection.