Top

Cluster Computing

Published in:

03-08-2022

HeuCrip: a malware detection approach for internet of battlefield things

Authors: Imtiaz Ali shah, Abid Mehmood, Abdul Nasir Khan, Mourad Elhadef, Atta ur Rehman Khan

Published in: Cluster Computing | Issue 2/2023

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

To improve the accuracy of malware detection on the Internet of Battlefield Things (IoBTs), a class of malware detection techniques transforms the benign and malware files into control flow graph (CFG) for better detection of malwares. In the construction process of CFG, the binary code of a file is transformed into opcodes using disassemblers. Probability CFGs are generated where vertices represent the opcodes and the edges between the opcodes represent the probability of occurrence of those opcodes in the file. Probability CFGs are fed to the deep learning model for further training and testing. The accuracy of deep learning model depends on the probability of CFGs. If the graph generation techniques reflectorize the binary file more accurately, then the result of the deep learning malware detection model is likely to be more accurate. In this research, we identify the limitations of the existing probability CFG techniques, propose a new probability CFG generation technique which is the combination of crisp and heuristic approaches called HeuCrip, and compare the proposed technique with the existing state-of-the-art schemes. The experimental results show that the HeuCrip achieved 99.93% accuracy, and show significant improvement in performance as compared to the existing state-of-the-art schemes.

previous article An improved hash algorithm for monitoring network traffic in the internet of things

next article MultiHop optimal time complexity clustering for emerging IoT applications

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Mohd, N., Singh, A., Bhadauria, H., Wazid, M.: An efficient node placement scheme to mitigate routing attacks in Internet of Battlefield Things’. Comput. Electr. Eng. 97, 107623 (2022)CrossRef

Prajapati, S., Singh, A.: Cyber-Attacks on internet of things (IoT) devices, attack vectors, and remedies: a position paper. In: Verma, J.K., Saxena, D. (eds.) IoT and Cloud Computing for Societal Good, pp. 277–295. Springer, Cham (2022)CrossRef

Parameshwari, M.V., Premkumar, M.P., Srinevasan, M.M., Logeswari, M.V., Junaid Rahman, P.V.: An intelligent bionic person for bomb detection and diffusion using internet of things (IoT) in military application. Int. J. Mech. Eng. 6(3), 1029–1038 (2021)

Ahmed, N.U.: Integrating machine learning in military intelligence process: study of futuristic approaches towards human-machine collaboration. Natl. Def. Coll. E-J. 2, 59–89 (2022)

Aziz, M.F., Khan, A.N., Shuja, J., Khan, I.A., Khan, F.G., Khan, A.U.R.: A lightweight and compromise-resilient authentication scheme for IoTs. Trans. Emerg. Telecommun. Technol. 33, e3813 (2019)

Adeel, A., Ali, M., Khan, A.N., Khalid, T., Rehman, F., Jararweh, Y., Shuja, J.: A multi-attack resilient lightweight IoT authentication scheme. Trans. Emerg. Telecommun. Technol. 33, e3676 (2019)

Abbas, S., Nasir, Q., Nouichi, D., Abdelsalam, M., Abu Talib, M., Abu Waraga, O.: ‘Improving security of the internet of things via RF fingerprinting based device identification system. Neural Comput. Appl. 33, 14753–14769 (2021)CrossRef

Herrero, R.: Ultrasonic physical layers as building blocks of IoT stacks. Internet Things 18, 100489 (2022)CrossRef

Khan, A.N., Kiah, M., Ali, M., Madani, S.A., Shamshirband, S.: BSS:block-based sharing scheme for secure data storage services in mobile cloud environment’. J. Supercomput. 70, 946–976 (2014)CrossRef

10.

Khan, A.N., Mat Kiah, M., Ali, M., Shamshirband, S.: A cloud-manager-based re-encryption scheme for mobile users in cloud environment: a hybrid approach’. J. Grid Comput. 13, 651–675 (2015)CrossRef

11.

Othman, M., Khan, A.N., Abid, S.A., Madani, S.A.: MobiByte: an application development model for mobile cloud computing. J. Grid Comput. 13, 605–628 (2015)CrossRef

12.

Rondon, L.P., Babun, L., Aris, A., Akkaya, K., Uluagac, A.S.: Survey on enterprise Internet-of-Things systems (E-IoT): a security perspective. Ad Hoc Netw. 125, 102728 (2022)CrossRef

13.

Othman, M., Ali, M., Khan, A.N., Madani, S.A.: Pirax: framework for application piracy control in mobile cloud environment. J. Supercomput. 68, 753–776 (2014)CrossRef

14.

Rashid, A., Masood, A., Khan, A.U.R.: Zone of trust: blockchain assisted IoT authentication to support cross-communication between bubbles of trusted IoTs’. Cluster Comput. (2022). https://doi.org/10.1007/s10586-022-03583-6CrossRef

15.

Khurshid, A., Khan, A.N., Khan, F.G., Ali, M., Shuja, J., Khan, A.U.R.: Secure-CamFlow: A device-oriented security model to assist information flow control systems in cloud environments for IoTs. Concurr. Comput. Pract. Exp. 31, e4729 (2019)CrossRef

16.

Dobrilović, D., Brtka, V., Jotanović, G., Stojanov, Ž., Jauševac, G., and Malić, M.: Architecture of IoT system for smart monitoring and management of traffic noise. In: 5th EAI International Conference on Management of Manufacturing Systems, pp. 251–266. Springer (2022)

17.

Kottursamy, K., Sadayappillai, B., Raja, G.: Optimized D-RAN Aware Data Retrieval for 5G Information Centric Networks. Wireless Pers. Commun. 124, 1011 (2021)CrossRef

18.

Qiu, S., Zhao, H., Jiang, N., Wang, Z., Liu, L., An, Y., Zhao, H., Miao, X., Liu, R., Fortino, G.: Multi-sensor information fusion based on machine learning for real applications in human activity recognition: state-of-the-art and research challenges. Inf. Fusion 80, 241–265 (2022)CrossRef

19.

Günay, F.B., Öztürk, E., Çavdar, T., Hanay, Y.S., Khan, A.U.R.: Vehicular ad hoc network (VANET) localization techniques: a survey. Arch. Comput. Methods Eng. 28, 3001–3033 (2021)CrossRef

20.

Podder, P., Mondal, M., Bharati, S., Paul, P.K.: Review on the security threats of internet of things. Int. J. Comput. Appl. 176(41), 37–45 (2021)

21.

Roseline, S.A., Geetha, S., Kadry, S., Nam, Y.: Intelligent vision-based malware detection and classification using deep random forest paradigm. IEEE Access 8, 206303–206324 (2020)CrossRef

22.

Baek, S., Jeon, J., Jeong, B., Jeong, Y.-S.: Two-stage hybrid malware detection using deep learning. Hum. Centric Comput. Inf. Sci. 11, 2021 (2021)

23.

Razgallah, A., Khoury, R., Hallé, S., Khanmohammadi, K.: A survey of malware detection in Android apps: recommendations and perspectives for future research. Comput. Sci. Rev. 39, 100358 (2021)CrossRef

24.

Rahul, Kedia, P., Sarangi, S., Monika: Analysis of machine learning models for malware detection. J. Discret. Math. Sci. Cryptogr. 23, pp. 395–407 (2020)

25.

Kouliaridis, V., Kambourakis, G.: A comprehensive survey on machine learning techniques for android malware detection. Inf. Fusion 12, 185 (2021)

26.

Chakravarty, A.K., Raj, A., Paul, S., Apoorva, S.: A study of signature-based and behaviour-based malware detection approaches. Int. J. Adv. Res. Ideas Innov. Technol. 5(3), 1509–1511 (2019)

27.

Jalilian, A., Narimani, Z., Ansari, E.: Static signature-based malware detection using opcode and binary information. In: The 7th International Conference on Contemporary Issues in Data Science, pp. 24–35. Springer (2019)

28.

Saqib, M.N., Kiani, J., Shahzad, B., Anjum, A., Ahmad, N., Khan, A.U.R.: Anonymous and formally verified dual signature based online e-voting protocol. Cluster Comput. 22, 1703–1716 (2019)CrossRef

29.

Ashawa, M., Morris, S.: Modeling correlation between android permissions based on threat and protection level using exploratory factor plane analysis’. J. Cybersecur. Privacy 1, 704–743 (2021)CrossRef

30.

Jogsan, S.: A survey on permission based malware detection in android applications. Int. J. Eng. Res. 9(4), 844–847 (2020)

31.

Khalid, T., Khan, A.N., Ali, M., Adeel, A., Shuja, J.: A fog-based security framework for intelligent traffic light control system. Multimed. Tools Appl. 78, 24595–24615 (2020)CrossRef

32.

Yildiz, O., Doğru, I.A.: Permission-based android malware detection system using feature selection with genetic algorithm. Int. J. Softw. Eng. Knowl. Eng. 29, 245–262 (2019)CrossRef

33.

Bilal, S.M., Ali, S.: Review and performance analysis of position based routing in VANETs. Wirel. Pers. Commun. 94, 559–578 (2017)CrossRef

34.

Cheng, B., Tong, Q., Wang, J., Tian, W.: Malware clustering using family dependency graph. IEEE Access 7, 72267–72272 (2019)CrossRef

35.

Gul, B., Khan, I.A., Mustafa, S., Khalid, O., Khan, A.U.R.: CPU–RAM-based energy-efficient resource allocation in clouds. J. Supercomput. 75, 7606–7624 (2019)CrossRef

36.

Wan, T.-L., Ban, T., Lee, Y.-T., Cheng, S.-M., Isawa, R., Takahashi, T., Inoue, D.: IoT-malware detection based on byte sequences of executable files. In: 15th Asia Joint Conference on Information Security, pp. 143–150. IEEE (2020)

37.

Khan, A.N., Mat Kiah, M., Madani, S.A., Ali, M.: Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing. J. Supercomput. 66, 1687–1706 (2013)CrossRef

38.

Khan, A., Morsi, Y., Zhu, T., Ahmad, A., Xie, X., Yu, F., Mo, X.: ‘Electrospinning: an emerging technology to construct polymer-based nanofibrous scaffolds for diabetic wound healing. Front. Mater. Sci. 15, 10–35 (2021)CrossRef

39.

Aslan, Ö.A., Samet, R.: A comprehensive review on malware detection approaches’. IEEE Access 8, 6249–6271 (2020)CrossRef

40.

Abusnaina, A., Khormali, A., Alasmary, H., Park, J., Anwar, A., Mohaisen, A.: Adversarial learning attacks on graph-based IoT malware detection systems. In: IEEE 39th International Conference on Distributed Computing Systems, pp. 1296–1305 (2019)

41.

Zhang, J., Qin, Z., Zhang, K., Yin, H., Zou, J.: Dalvik opcode graph based android malware variants detection using global topology features. IEEE Access 6, 51964–51974 (2018)CrossRef

42.

Jeon, S., Moon, J.: Malware-detection method with a convolutional recurrent neural network using opcode sequences. Inf. Sci. 535, 1–15 (2020)MathSciNetCrossRef

43.

Lu, R.: Malware detection with lstm using opcode language. arXiv preprint arXiv:1906.04593 (2019)

44.

Pektaş, A., Acarman, T.: Learning to detect Android malware via opcode sequences. Neurocomputing 396, 599–608 (2020)CrossRef

45.

Darabian, H., Homayounoot, S., Dehghantanha, A., Hashemi, S., Karimipour, H., Parizi, R.M., Choo, K.-K.R.: Detecting cryptomining malware: a deep learning approach for static and dynamic analysis. J. Grid Comput. 18, 293–303 (2020)CrossRef

46.

Sun, Z., Rao, Z., Chen, J., Xu, R., He, D., Yang, H., Liu, J.: An opcode sequences analysis method for unknown malware detection. In: Proceedings of the 2nd International Conference on Geoinformatics and Data Analysis, pp. 15–19 (2019)

47.

Farrokhmanesh, M., Hamzeh, A.: Music classification as a new approach for malware detection. J. Comput. Virol. Hacking Tech. 15, 77–96 (2019)CrossRef

48.

Yin, H., Zhang, J., Qin, Z.: A malware variants detection methodology with an opcode-based feature learning method and a fast density-based clustering algorithm. Int. J. Comput. Sci. Eng. 21, 19–29 (2020)

49.

Vasan, D., Alazab, M., Venkatraman, S., Akram, J., Qin, Z.: MTHAEL: cross-architecture IoT malware detection based on neural network advanced ensemble learning. IEEE Trans. Comput. 69, 1654–1667 (2020)CrossRef

50.

Li, D., Zhao, L., Cheng, Q., Lu, N., Shi, W.: Opcode sequence analysis of Android malware by a convolutional neural network’. Concurr. Comput. Pract. Exp. 32, e5308 (2020)CrossRef

51.

Dixit, P., Silakari, S.: Analysis of state-of-art attack detection methods using recurrent neural network. In: Proceedings of the International Conference on Paradigms of Communication, Computing and Data Sciences, pp. 795–804. Springer (2022)

52.

Nayak, S., Bhat, M., Reddy, N.S., Rao, B.A.: Study of distance metrics on k-nearest neighbor algorithm for star categorization. J. Phys. Conf. Ser. 2161, 012004 (2022)CrossRef

53.

Dadi, S., Abid, M.: Enhanced intrusion detection system based on autoencoder network and support vector machine. Netw. Intell. Syst. Secur. 114, 327–341 (2022)

54.

Azmoodeh, A., Dehghantanha, A., Choo, K.-K.R.: Robust malware detection for internet of (battlefield) things devices using deep eigenspace learning. IEEE Trans. Sustain. Comput. 4, 88–95 (2018)CrossRef

55.

Hashemi, H., Azmoodeh, A., Hamzeh, A., Hashemi, S.: Graph embedding as a new approach for unknown malware detection. J. Comput. Virol. Hacking Tech. 13, 153–166 (2017)CrossRef

56.

Alasmary, H., Anwar, A., Park, J., Choi, J., Nyang, D., and Mohaisen, A.: Graph-based comparison of IoT and android malware. In: International Conference on Computational Social Networks, pp. 259–272 (2018)

57.

Alasmary, H., Khormali, A., Anwar, A., Park, J., Choi, J., Abusnaina, A., Awad, A., Nyang, D., Mohaisen, A.: Analyzing and detecting emerging Internet of Things malware: A graph-based approach. IEEE Internet Things J. 6, 8977–8988 (2019)CrossRef

58.

Dovom, E.M., Azmoodeh, A., Dehghantanha, A., Newton, D.E., Parizi, R.M., Karimipour, H.: Fuzzy pattern tree for edge malware detection and categorization in IoT. J. Syst. Architect. 97, 1–7 (2019)CrossRef

59.

Alasmary, H., Abusnaina, A., Jang, R., Abuhamad, M., Anwar, A., Nyang, D., Mohaisen, D.: Soteria: detecting adversarial examples in control flow graph-based malware classifiers. In: IEEE 40th International Conference on Distributed Computing Systems, pp. 888–898. IEEE (2020)

60.

Li, C., Shen, G., Sun, W.: Cross-Architecture internet-of-things malware detection based on graph neural network. In: International Joint Conference on Neural Networks, pp. 1–7. IEEE (2021)

61.

Huang, Y., Qiao, M., Liu, F., Li, X., Gui, H., Zhang, C.: ‘Binary code traceability of multigranularity information fusion from the perspective of software genes. Comput. Secur. 114, 102607 (2022)CrossRef

62.

Alrabaee, S.: A stratified approach to function fingerprinting in program binaries using diverse features. Expert Syst. Appl. 193, 116384 (2022)CrossRef

63.

Naveen, N., Safwan, M.A., Manoj Nayaka, T., Nischal, N.: Deep learning based malware detection for IoT devices. In: Proceeding of The 2nd International Conference on Data Science, Machine Learning and Applications, pp. 1247–1254. Springer (2022)

64.

Sahoo, D.: Cyber threat attribution with multi-view heuristic analysis. In: Choo, K.K.R., Dehghantanha, A. (eds.) Handbook of Big Data Analytics and Forensics, pp. 53–73. Springer, Berlin (2022)CrossRef

65.

Kim, J.-Y., Cho, S.-B.: Obfuscated malware detection using deep generative model based on Global/Local features. Comput. Secur. 112, 102501 (2022)CrossRef

66.

Gülmez, S., Sogukpinar, I.: Graph-based malware detection using opcode sequences. In: 9th International Symposium on Digital Forensics and Security, pp. 1–5. IEEE (2021)

67.

Ou, F., Xu, J.: ‘S3Feature: a static sensitive subgraph-based feature for android malware detection. Comput. Secur. 112, 102513 (2022)CrossRef

68.

Jamal, A., Hayat, M.F., Nasir, M.: Malware detection and classification in IoT network using ANN. Mehran Univ. Res. J. Eng. Technol. 41, 80–91 (2022)CrossRef

69.

Zhu, X., Zhang, R., Zhu, W.: MDMD options discovery for accelerating exploration in sparse-reward domains. Knowl. Based Syst. 241, 108151 (2022)CrossRef

70.

Chung, F.R.K, Graham, F.C.: Spectral graph theory, Vol. 92. American Mathematical Society (1997)

71.

Krithika, V., Vijaya, M.: Malware and benign detection using convolutional neural network. In: Bhateja, V., Satapathy, S.C. (eds.) Data Engineering and Intelligent Computing, pp. 37–45. Springer, Berlin (2021)CrossRef

Title: HeuCrip: a malware detection approach for internet of battlefield things
Authors: Imtiaz Ali shah
Abid Mehmood
Abdul Nasir Khan
Mourad Elhadef
Atta ur Rehman Khan
Publication date: 03-08-2022
Publisher: Springer US
Published in: Cluster Computing / Issue 2/2023
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-022-03618-y

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2023

MultiHop optimal time complexity clustering for emerging IoT applications

DCOPA: a distributed clustering based on objects performances aggregation for hierarchical communications in IoT applications

Mitigating voltage fingerprint spoofing attacks on the controller area network bus

Lightweight Gramian Angular Field classification for edge internet of energy applications

Towards performance evaluation prediction in WSNs using artificial neural network multi-perceptron

On detecting distributed denial of service attacks using fuzzy inference system

Premium Partner