Static Multi Feature-Based Malware Detection Using Multi SPP-net in Smart IoT Environments

Jueun Jeon, Byeonghui Jeong, Seungyeon Baek, Young Sik Jeong

Research output: Contribution to journalArticlepeer-review

10 Scopus citations

Abstract

With the steady increase in the demand for Internet of Things (IoT) devices in diverse industries, such as manufacturing, medical care, and transportation infrastructure, the production of malware tailored for Smart IoT environments is also increasing. Accordingly, various malware detection studies are being conducted to detect not only known malware but also variant malware. However, it is difficult to detect malware transformed in a way that hides malicious behavior by changing and deleting bytes or modifying the assembly code. Therefore, in this study, we propose a malware detection for static security service (Mal3S) scheme that provides a secure Smart IoT environment by accurately detecting various types of malware. Mal3S extracts bytes, opcodes, API calls, strings, and dynamic link libraries (DLLs) through static analysis and then generates five types of images. Images of various sizes are trained on a multi spatial pyramid pooling network (SPP-net) model to detect malware. When evaluating the performance of Mal3S using three malware datasets, the average detection accuracy was 98.02% and the classification accuracy was 98.43%, showing better performance than existing malware detection techniques. In addition, Mal3S has demonstrated effective generalization capabilities for various types of malware.

Original languageEnglish
Pages (from-to)2487-2500
Number of pages14
JournalIEEE Transactions on Information Forensics and Security
Volume19
DOIs
StatePublished - 2024

Keywords

  • Malware detection
  • malware image
  • smart IoT
  • spatial pyramid pooling network (SPP-net)
  • static analysis
  • static feature

Fingerprint

Dive into the research topics of 'Static Multi Feature-Based Malware Detection Using Multi SPP-net in Smart IoT Environments'. Together they form a unique fingerprint.

Cite this