EDIMA: Early Detection of IoT Malware Network Activity Using Machine Learning Techniques

06/24/2019
by   Ayush Kumar, et al.
0

The widespread adoption of Internet of Things has led to many security issues. Post the Mirai-based DDoS attack in 2016 which compromised IoT devices, a host of new malware using Mirai's leaked source code and targeting IoT devices have cropped up, e.g. Satori, Reaper, Amnesia, Masuta etc. These malware exploit software vulnerabilities to infect IoT devices instead of open TELNET ports (like Mirai) making them more difficult to block using existing solutions such as firewalls. In this research, we present EDIMA, a distributed modular solution which can be used towards the detection of IoT malware network activity in large-scale networks (e.g. ISP, enterprise networks) during the scanning/infecting phase rather than during an attack. EDIMA employs machine learning algorithms for edge devices' traffic classification, a packet traffic feature vector database, a policy module and an optional packet sub-sampling module. We evaluate the classification performance of EDIMA through testbed experiments and present the results obtained.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
01/15/2019

Early Detection Of Mirai-Like IoT Bots In Large-Scale Networks Through Sub-Sampled Packet Traffic Analysis

The widespread adoption of Internet of Things has led to many security i...
research
11/03/2021

A Survey of Machine Learning Algorithms for Detecting Malware in IoT Firmware

This work explores the use of machine learning techniques on an Internet...
research
11/27/2022

Devils in the Clouds: An Evolutionary Study of Telnet Bot Loaders

One of the innovations brought by Mirai and its derived malware is the a...
research
11/06/2020

Towards Obfuscated Malware Detection for Low Powered IoT Devices

With the increased deployment of IoT and edge devices into commercial an...
research
05/05/2021

Current State of IPv6 Security in IoT

This report presents the current state of security in IPv6 for IoT devic...
research
10/29/2021

Evaluation of an Anomaly Detector for Routers using Parameterizable Malware in an IoT Ecosystem

This work explores the evaluation of a machine learning anomaly detector...
research
12/15/2022

A New Deep Boosted CNN and Ensemble Learning based IoT Malware Detection

Security issues are threatened in various types of networks, especially ...

Please sign up or login with your details

Forgot password? Click here to reset