Automatic detection and analysis towards malicious behavior in IoT malware

Our society is rapidly moving towards the digital age, which has led to a sharp increase in IoT networks and devices. This growth requires more network security professionals, who are focused on protecting IoT systems. One crucial task is to analyze malicious software to gain a deeper understanding...

Bibliographic Details
Main Authors: LI, Sen, GE, Mengmeng, FENG, Ruitao, LI, Xiaohong, LAM, Kwok Yan
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2023
Subjects:
Online Access: https://ink.library.smu.edu.sg/sis_research/8701
https://ink.library.smu.edu.sg/context/sis_research/article/9704/viewcontent/AutomaticDetection_IoT_av.pdf
Institution: Singapore Management University
id sg-smu-ink.sis_research-9704
record_format dspace
spelling sg-smu-ink.sis_research-9704
2024-04-04T09:13:43Z
Automatic detection and analysis towards malicious behavior in IoT malware
LI, Sen
GE, Mengmeng
FENG, Ruitao
LI, Xiaohong
LAM, Kwok Yan
Our society is rapidly moving towards the digital age, which has led to a sharp increase in IoT networks and devices. This growth requires more network security professionals, who are focused on protecting IoT systems. One crucial task is to analyze malicious software to gain a deeper understanding of its functionalities and response methods. However, malware analysis is a complex process that requires the use of various analysis tools, including advanced reverse engineering techniques. For beginners, parsing complex binary data can be particularly challenging as they may be strange with these tools and the basic principles of analysis. Even for experienced analysts, understanding reverse engineering binary files and assembly lists is daunting. Facing these challenges, we propose a two-fold solution. Firstly, we create a detailed list of analysis tools and construct a malware analysis framework aimed at simplifying the analysis process. The framework will list the key data points that need to be addressed in the analysis, providing analysts with the tools and information needed for effective malware analysis. Secondly, we will demonstrate that advanced analysis techniques by providing analysis scripts which automate the reverse engineering process in malware analysis. To evaluate the accuracy of our behavior classification system, we will use our framework and analysis scripts to analyze known malware samples. Then, we will compare the accuracy of script-based analysis results and evaluate their ability to identify malicious software behavior. Our research results indicate that by following our framework and using our scripts, we can detect over 80% critical malware behaviors in known samples, which highlights the potential of simplifying the process of malware analysis, making it easier to learn and implement.
2023-01-01T08:00:00Z
text
application/pdf
https://ink.library.smu.edu.sg/sis_research/8701
info:doi/10.1109/ICDMW60847.2023.00171
https://ink.library.smu.edu.sg/context/sis_research/article/9704/viewcontent/AutomaticDetection_IoT_av.pdf
http://creativecommons.org/licenses/by-nc-nd/4.0/
Research Collection School Of Computing and Information Systems
eng
Institutional Knowledge at Singapore Management University
Automatic analysis
IoT malware
Malicious behavior analysis
Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Automatic analysis
IoT malware
Malicious behavior analysis
Information Security
format text
author LI, Sen
GE, Mengmeng
FENG, Ruitao
LI, Xiaohong
LAM, Kwok Yan
title Automatic detection and analysis towards malicious behavior in IoT malware
publisher Institutional Knowledge at Singapore Management University
publishDate 2023
url https://ink.library.smu.edu.sg/sis_research/8701
https://ink.library.smu.edu.sg/context/sis_research/article/9704/viewcontent/AutomaticDetection_IoT_av.pdf