Abstract
Internet of Things devices have seen rapid growth and popularity in recent years, with many more ordinary devices gaining network capability and becoming part of the ever-growing IoT network. With this exponential growth and the limitation of resources, it is becoming increasingly hard to protect against security threats such as malware, which evolves faster than the defence mechanisms can handle. Traditional security systems are not able to detect unknown malware as they use signature-based methods. In this paper, we aim to address this issue by introducing a novel IoT malware traffic analysis approach using a neural network and binary visualisation. The prime motivation of the proposed approach is to detect and classify new malware (zero-day malware) faster. The experimental results show that our method can satisfy the accuracy requirement of practical application.
Acknowledgement

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement no. 786698. This work reflects the authors’ view, and the Agency is not responsible for any use that may be made of the information it contains.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Shire, R., Shiaeles, S., Bendiab, K., Ghita, B., Kolokotronis, N. (2019). Malware Squid: A Novel IoT Malware Traffic Analysis Framework Using Convolutional Neural Network and Binary Visualisation. In: Galinina, O., Andreev, S., Balandin, S., Koucheryavy, Y. (eds) Internet of Things, Smart Spaces, and Next Generation Networks and Systems. NEW2AN ruSMART 2019 2019. Lecture Notes in Computer Science, vol 11660. Springer, Cham. https://doi.org/10.1007/978-3-030-30859-9_6
DOI: https://doi.org/10.1007/978-3-030-30859-9_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30858-2
Online ISBN: 978-3-030-30859-9
eBook Packages: Computer Science, Computer Science (R0)