Towards a rooted subgraph classifier for IoT botnet detection

Nguyen, Huy-Trung; Nguyen, Doan-Hieu; Ngo, Quoc-Dung; Tran, Vu-Hai; Le, Van-Hoang

doi:10.1145/3348445.3348474

Cited by 8 publications

(5 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since the source code can be represented as an abstract syntax tree, several graph embedding models have been proposed to help detect malware code by learning dependency graphs. The dependency graph is built with API function nodes and directed edges representing other functional queries from the current function [320,321]. For instance, Narayanan et al [320] built rooted subgraphs that capture the connection between API functions in source code.…”

Section: Computer Securitymentioning

confidence: 99%

Graph Representation Learning and Its Applications: A Survey

Hoang

Jeon

You

et al. 2023

Sensors

View full text Add to dashboard Cite

Graphs are data structures that effectively represent relational data in the real world. Graph representation learning is a significant task since it could facilitate various downstream tasks, such as node classification, link prediction, etc. Graph representation learning aims to map graph entities to low-dimensional vectors while preserving graph structure and entity relationships. Over the decades, many models have been proposed for graph representation learning. This paper aims to show a comprehensive picture of graph representation learning models, including traditional and state-of-the-art models on various graphs in different geometric spaces. First, we begin with five types of graph embedding models: graph kernels, matrix factorization models, shallow models, deep-learning models, and non-Euclidean models. In addition, we also discuss graph transformer models and Gaussian embedding models. Second, we present practical applications of graph embedding models, from constructing graphs for specific domains to applying models to solve tasks. Finally, we discuss challenges for existing models and future research directions in detail. As a result, this paper provides a structured overview of the diversity of graph embedding models.

show abstract

Section: Computer Securitymentioning

confidence: 99%

Graph Representation Learning and Its Applications: A Survey

Hoang

Jeon

You

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…IoT malware is malicious software designed to access, exploit and compromise an IoT device; it is different from other malware in that it has the ability to adapt to various CPU architectures, including MIPS, ARM, Intel x86 and PowerPC [56]. IoT malware has various essential models to finish its functions, including a scanner, an attacker and a killer [86].…”

Section: Downloading Iot Malwarementioning

confidence: 99%

“…After scanning and receiving the information of a vulnerable IoT device, the attacker uses a downloader server to download the bot. After that, the new bot starts its functions and communication with the C&C. Some of the selected studies concentrated on proposing techniques for detecting whether an input executable file is malware or benign [49,56,69,79]. As Figure 8 explained, 19% of the studies concentrated on this type of attack-nine studies, as Table 10 displays.…”

Section: Downloading Iot Malwarementioning

confidence: 99%

“…To create a new feature-based PSI-rooted subgraph to detect cross-architecture IoT botnet malware in a fully static way, the researchers in [56] proposed a technique that combines deep learning with machine learning. They argued that this function is sufficiently powerful, due to its accuracy of about 97% and F-score of about 98%.…”

Section: Ai-based Supervised Learningmentioning

confidence: 99%

See 1 more Smart Citation

Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research

et al. 2021

View full text Add to dashboard Cite

Internet of Things (IoT) is promising technology that brings tremendous benefits if used optimally. At the same time, it has resulted in an increase in cybersecurity risks due to the lack of security for IoT devices. IoT botnets, for instance, have become a critical threat; however, systematic and comprehensive studies analyzing the importance of botnet detection methods are limited in the IoT environment. Thus, this study aimed to identify, assess and provide a thoroughly review of experimental works on the research relevant to the detection of IoT botnets. To accomplish this goal, a systematic literature review (SLR), an effective method, was applied for gathering and critically reviewing research papers. This work employed three research questions on the detection methods used to detect IoT botnets, the botnet phases and the different malicious activity scenarios. The authors analyzed the nominated research and the key methods related to them. The detection methods have been classified based on the techniques used, and the authors investigated the botnet phases during which detection is accomplished. This research procedure was used to create a source of foundational knowledge of IoT botnet detection methods. As a result of this study, the authors analyzed the current research gaps and suggest future research directions.

show abstract

“…24 Nguyen et al proposed a method that combines deep learning and machine learning for botnets detection. 25 Dietz et al present an IoT botnets detection and isolation approach, which can prevent the compromise of IoT devices substantially. 26 Liu et al propose a deep learning-based approach for IoT botnets detection.…”

Section: Related Workmentioning

confidence: 99%

A botnets control strategy based on variable forgetting rate of control commands

Wang

Elahi

et al. 2020

Concurrency and Computation

View full text Add to dashboard Cite

Botnets take advantage of the vulnerabilities in the device-to-device (D2D) communication in the Internet of Things (IoT) systems. The infect devices may become part of the command and control mechanism of Botnets. These infected devices may forget control commands to remain undetected. State-of-the-art control models for botnets based on how devices are infected and patched in IoT systems while dealing with Botnets assume that the rate at which IoT devices forget the control commands (forgetting rate) is constant and known. These control models ignore the possible variability of the forgetting rate, which may enable bots to operate without being detected. This research fills this gap by proposing a modeling-based strategy that considers the changes in equipment states and repair speed when the forgetting rate is variable. In this regard, first, based on the state-of-the-art botnets control model, the effect of variation in the forgetting rate is analyzed. After that, an improved strategy is proposed for the botnets control model when the forgetting rate is unknown. Finally, the experimental evaluation of the proposed strategy is performed that proves the correctness of the proposed control strategy.

show abstract

Towards a rooted subgraph classifier for IoT botnet detection

Cited by 8 publications

References 11 publications

Graph Representation Learning and Its Applications: A Survey

Graph Representation Learning and Its Applications: A Survey

Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research

A botnets control strategy based on variable forgetting rate of control commands

Contact Info

Product

Resources

About