IEEE Access (Jan 2021)

A Survey on Cross-Architectural IoT Malware Threat Hunting

  • Anandharaju Durai Raju,
  • Ibrahim Y. Abualhaol,
  • Ronnie Salvador Giagone,
  • Yang Zhou,
  • Shengqiang Huang

DOI
https://doi.org/10.1109/ACCESS.2021.3091427
Journal volume & issue
Vol. 9
pp. 91686 – 91709

Abstract

Read online

In recent years, the increase in non-Windows malware threats had turned the focus of the cybersecurity community. Research works on hunting Windows PE-based malwares are maturing, whereas the developments on Linux malware threat hunting are relatively scarce. With the advent of the Internet of Things (IoT) era, smart devices that are getting integrated into human life have become a hackers’ highway for their malicious activities. The IoT devices employ various Unix-based architectures that follow ELF (Executable and Linkable Format) as their standard binary file specification. This study aims at providing a comprehensive survey on the latest developments in cross-architectural IoT malware detection and classification approaches. Aided by a modern taxonomy, we discuss the feature representations, feature extraction techniques, and machine learning models employed in the surveyed works. We further provide more insights on the practical challenges involved in cross-architectural IoT malware threat hunting and discuss various avenues to instill potential future research.

Keywords