Network Traffic Oriented Malware Detection in IoT (Internet-of-Things)
Authors: Wangwang Wang, Yunchun Zhang, Chengjie Li, Xuchenming Sun, Yuting Zhong, Xin Zhang
Venue: International Conference on Networking and Network Applications
DOI: 10.1109/NaNA53684.2021.00059 (https://doi.org/10.1109/NaNA53684.2021.00059)
Source: Semantic Scholar; citation count: 1
With the wide popularity of the Internet-of-Things (IoT), machine learning-based malware detection systems cannot be installed on IoT devices because of their restricted computing power and resources. To bridge this gap, this paper proposes an integrated deep learning system for malware detection based on features extracted from network packets, NetFlow and malware samples. Drawing on models popular in the natural language processing domain, 7 neural networks with attention mechanisms are designed based on both character-level and word-level features. The results demonstrate that all models achieve satisfactory performance on accuracy, recall, precision and F1-Score. Among them, Transformer outperforms the other models on character-level features with 99.83% accuracy. By using word-level features, all models achieve better performance than models on character-level features, with the best accuracy being 99.54%. By visualizing heat maps, we measured the features and ranked them in descending order of their contribution to the final classification. Notably, the features that contribute most to IoT malware detection are almost the same as those in network anomaly detection.