A Cross-Platform Study on Emerging Malicious Programs Targeting IoT Devices

Tao BAN  Ryoichi ISAWA  Shin-Ying HUANG  Katsunari YOSHIOKA  Daisuke INOUE  

IEICE TRANSACTIONS on Information and Systems   Vol.E102-D   No.9   pp.1683-1685
Publication Date: 2019/09/01
Publicized: 2019/06/21
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2018OFL0007
Type of Manuscript: Special Section LETTER (Special Section on Log Data Usage Technology and Office Information Systems)
Category: Cybersecurity
IoT security,  IoT malware,  malware analysis,  malware classification,  

Full Text: FreePDF(1.6MB)

Along with the proliferation of IoT (Internet of Things) devices, cyberattacks towards them are on the rise. In this paper, aiming at efficient precaution and mitigation of emerging IoT cyberthreats, we present a multimodal study on applying machine learning methods to characterize malicious programs which target multiple IoT platforms. Experiments show that opcode sequences obtained from static analysis and API sequences obtained by dynamic analysis provide sufficient discriminant information such that IoT malware can be classified with near optimal accuracy. Automated and accelerated identification and mitigation of new IoT cyberthreats can be enabled based on the findings reported in this study.