Sistemas de Informação (Jun 2022)
Antivirus Applied to IoT Malware Detection based on Runtime Behaviors
Abstract
Nowadays, the Internet of Things (IoT) has a significant impact on people’s lives, reaching hundreds of billions of Internet-connected devices. Due to the popularity of smart devices, the number of tech-driven cyber attacks has increased in recent years. The constant emergence of new malware aimed at IoT, such as the botnet, the use of complex obfuscation and evasion techniques, and often the availability of large resources for its development, makes him the biggest cyber villain in IoT scenarios today. The present work creates an Antivirus for Dynamic Malware Analysis based on Artificial Neural Networks, equipped with statistical learning and Artificial Intelligence, specialized in malware detection from 32-bit IoT architectures of the Advanced RISC Machine (ARM) type. Under different starting conditions and learning functions, our antivirus architectures are investigated to maximize their accuracy. The absence or limitation in the detection of malicious software by commercial antivirus can be provided by a smart antivirus. Instead of models based on blacklists or heuristics, our antivirus allows the detection of malware on embedded Linux systems in a preventive and non-reactive way like Clamav’s modus operandi and other traditional antiviruses.
