Effective malware detection scheme based on classified behavior graph in IIoT

Yi Sun; Ali Kashif Bashir; Usman Tariq; Fei Xiao

doi:10.1016/j.adhoc.2021.102558

Effective malware detection scheme based on classified behavior graph in IIoT

Yi Sun, Ali Kashif Bashir, Usman Tariq, Fei Xiao

Management Information Systems

Research output: Contribution to journal › Article › peer-review

22 Scopus citations

Abstract

In Industrial Internet of Things(IIoT), secure transferring, computing and processing data are critical in developing automated environments, such as smart factories, smart airports and smart healthcare systems for high quality service. Therefore, how to make full use of the massive industrial data in IIoT while preventing malware intrusion and leaking out no privacy is a leading and promising work. In this paper, we focus on the research of malware detection and propose an architecture of a classified behavior graph-based intelligent detection model for malware attacks, which can not only avoid the high cost in graph matching but also achieve high malware detection accuracy. Experiments on the malware families Delf, Obfuscated, Small and Zlob, each malware family containing 880 samples, show that the highest accuracy TPR can reach up to 99.9%.

Original language	English
Article number	102558
Journal	Ad Hoc Networks
Volume	120
DOIs	https://doi.org/10.1016/j.adhoc.2021.102558
State	Published - 1 Sep 2021

Keywords

Classified behavior graph
IIoT
Malware detection
Security and privacy

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1016/j.adhoc.2021.102558

Cite this

@article{83d37483d1e845269f53c4dc75081345,

title = "Effective malware detection scheme based on classified behavior graph in IIoT",

abstract = "In Industrial Internet of Things(IIoT), secure transferring, computing and processing data are critical in developing automated environments, such as smart factories, smart airports and smart healthcare systems for high quality service. Therefore, how to make full use of the massive industrial data in IIoT while preventing malware intrusion and leaking out no privacy is a leading and promising work. In this paper, we focus on the research of malware detection and propose an architecture of a classified behavior graph-based intelligent detection model for malware attacks, which can not only avoid the high cost in graph matching but also achieve high malware detection accuracy. Experiments on the malware families Delf, Obfuscated, Small and Zlob, each malware family containing 880 samples, show that the highest accuracy TPR can reach up to 99.9\%.",

keywords = "Classified behavior graph, IIoT, Malware detection, Security and privacy",

author = "Yi Sun and Bashir, \{Ali Kashif\} and Usman Tariq and Fei Xiao",

note = "Publisher Copyright: {\textcopyright} 2021 Elsevier B.V.",

year = "2021",

month = sep,

day = "1",

doi = "10.1016/j.adhoc.2021.102558",

language = "English",

volume = "120",

journal = "Ad Hoc Networks",

issn = "1570-8705",

publisher = "Elsevier B.V.",

}

TY - JOUR

T1 - Effective malware detection scheme based on classified behavior graph in IIoT

AU - Sun, Yi

AU - Bashir, Ali Kashif

AU - Tariq, Usman

AU - Xiao, Fei

PY - 2021/9/1

Y1 - 2021/9/1

N2 - In Industrial Internet of Things(IIoT), secure transferring, computing and processing data are critical in developing automated environments, such as smart factories, smart airports and smart healthcare systems for high quality service. Therefore, how to make full use of the massive industrial data in IIoT while preventing malware intrusion and leaking out no privacy is a leading and promising work. In this paper, we focus on the research of malware detection and propose an architecture of a classified behavior graph-based intelligent detection model for malware attacks, which can not only avoid the high cost in graph matching but also achieve high malware detection accuracy. Experiments on the malware families Delf, Obfuscated, Small and Zlob, each malware family containing 880 samples, show that the highest accuracy TPR can reach up to 99.9%.

AB - In Industrial Internet of Things(IIoT), secure transferring, computing and processing data are critical in developing automated environments, such as smart factories, smart airports and smart healthcare systems for high quality service. Therefore, how to make full use of the massive industrial data in IIoT while preventing malware intrusion and leaking out no privacy is a leading and promising work. In this paper, we focus on the research of malware detection and propose an architecture of a classified behavior graph-based intelligent detection model for malware attacks, which can not only avoid the high cost in graph matching but also achieve high malware detection accuracy. Experiments on the malware families Delf, Obfuscated, Small and Zlob, each malware family containing 880 samples, show that the highest accuracy TPR can reach up to 99.9%.

KW - Classified behavior graph

KW - IIoT

KW - Malware detection

KW - Security and privacy

UR - http://www.scopus.com/inward/record.url?scp=85107640414&partnerID=8YFLogxK

U2 - 10.1016/j.adhoc.2021.102558

DO - 10.1016/j.adhoc.2021.102558

M3 - Article

AN - SCOPUS:85107640414

SN - 1570-8705

VL - 120

JO - Ad Hoc Networks

JF - Ad Hoc Networks

M1 - 102558

ER -

Effective malware detection scheme based on classified behavior graph in IIoT

Abstract

Keywords

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this