Revealing and analysing modem malware

Čeleda, Pavel; Krejčí, Radek; Krmíček, Vojtěch

doi:10.1109/icc.2012.6364598

Cited by 7 publications

(4 citation statements)

References 5 publications

(6 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…ese problems made researchers do further study [6][7][8][9][10][11][12][13] and attracted the widespread attention of researchers such as IoT malware. ese methods can be divided into two main categories.…”

Section: Introductionmentioning

confidence: 99%

A Novel Framework to Classify Malware in MIPS Architecture-Based IoT Devices

Phu

Dang

Quoc

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

Malware on devices connected to the Internet via the Internet of Things (IoT) is evolving and is a core component of the fourth industrial revolution. IoT devices use the MIPS architecture with a large proportion running on embedded Linux operating systems, but the automatic analysis of IoT malware has not been resolved. We proposed a framework to classify malware in IoT devices by using MIPS-based system behavior (system call—syscall) obtained from our F-Sandbox passive process and machine learning techniques. The F-Sandbox is a new type for IoT sandbox, automatically created from the real firmware of the specialized IoT devices, inheriting the specialized environment in the real firmware, therefore creating a diverse environment for sandboxing as an important characteristic of IoT sandbox. This framework classifies five families of IoT malware with F1-Weight = 97.44%.

show abstract

Section: Introductionmentioning

confidence: 99%

A Novel Framework to Classify Malware in MIPS Architecture-Based IoT Devices

Phu

Dang

Quoc

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Inside IoT network, network devices such as router, switch, IoT gateway play a important role in transmitting data between devices. To secure these IoT devices, especially routers, works presented in [8,9,10,11,12,13] allow identifying vulnerabilities/malware in commercial off-the-shelf (COST) network devices. There are two main classes in firmware analysis: static and dynamic approach.…”

Section: Introductionmentioning

confidence: 99%

A System Emulation for Malware Detection in Routers

Phu¹

2019

IJITEE

View full text Add to dashboard Cite

Nowadays, there are many discussions on the fourth industrial revolution with a combination of real physical and virtual systems (Cyber Physical Systems), Internet of Things (IoT) and Internet of Services (IoS). Along with this revolution is the rapid development of malicious code on IoT devices, leading to not only the risk of personal privacy information leaking but also the risk of network security in general. In this paper, we propose C500-toolkit, a novel tool for malware detection in Commercial-off-the-shelf routers, based on dynamic analysis approach. The main contribution of C500-toolkit is to provide an environment for fully emulating router firmware image including both operating system and web-interface. To show the advantage of C500-toolkit, experiments of this tool with embedded malwares Linux/TheMoon and Linux/Mirai are presented

show abstract

“…In response to these risks, researchers have been developing new methods and techniques to detect malicious code on IoT devices [4] [10]. These studies can be divided into two main groups: static analysis [4][5] [7] and dynamic analysis [6] [8][9] [10].…”

Section: Introductionmentioning

confidence: 99%

Iot Botnet Detection Using System Call Graphs and One-Class CNN Classification

Le¹,

Ngo²,

Le³

2019

IJITEE

View full text Add to dashboard Cite

With the rapid development of IoT devices, security risks become clearer in smart houses with the emergence of more types of IoT Botnet. With the development of machine learning technology applied to dynamic analysis methods, the automatic detection of variations of IoT Botnet has many achievements. However, there are still some difficulties such as building Sandbox suitable for IoT Botnet with specific chip architectures, collecting full of malicious behavior, imbalance in dataset,... affecting the accuracy of the learning model. In this paper, the authors introduce method of detecting IoT Botnet through system call of executable file to address some difficulties mentioned above. We edit sandbox environment based on QEMU to collect more monitoring data and focus to system calls behavior of malware. By using the CNN network architecture combined with One-class classification and features extracted from the system call graph, the authors have built a IoT Botnet detection model with an accuracy of up to 97% and F-measure 98.33%

show abstract

Revealing and analysing modem malware

Cited by 7 publications

References 5 publications

A Novel Framework to Classify Malware in MIPS Architecture-Based IoT Devices

A Novel Framework to Classify Malware in MIPS Architecture-Based IoT Devices

A System Emulation for Malware Detection in Routers

Iot Botnet Detection Using System Call Graphs and One-Class CNN Classification

Contact Info

Product

Resources

About