Abstract
The Internet of Things (IoT) has been a major turning point in information and communication technology, as it enables connection and information sharing among numerous devices. However, malicious code attacks have increased exponentially, and malicious code variants rank as a major threat to resource-constrained devices in IoT environments, which has made efficient detection of malware variants a serious concern for researchers in recent years. The capacity to detect malware variants is essential for protection against security breaches, data theft and other dangers. Hence, with the explosion of resource-constrained devices for IoT applications, it becomes very important to document the existing cutting-edge techniques developed to detect malware variants in these devices. In this paper, we extensively investigate the implementation of malware variant detection models, particularly in smartphones as a case study for resource-constrained devices. The paper covers the current techniques for detecting malware variants, a comprehensive assessment of those techniques, and recommendations for future research.
Acknowledgement
This research is supported by TNB Seed Fund 2019 project entitled ‘Cyber Threat Modeling for Industrial Control System and Internet of Everything’.
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chimeleze, C.U., Jamil, N., Ismail, R., Lam, KY. (2021). A Review on Malware Variants Detection Techniques for Threat Intelligence in Resource Constrained Devices: Existing Approaches, Limitations and Future Direction. In: Anbar, M., Abdullah, N., Manickam, S. (eds) Advances in Cyber Security. ACeS 2020. Communications in Computer and Information Science, vol 1347. Springer, Singapore. https://doi.org/10.1007/978-981-33-6835-4_24
DOI: https://doi.org/10.1007/978-981-33-6835-4_24
Publisher Name: Springer, Singapore
Print ISBN: 978-981-33-6834-7
Online ISBN: 978-981-33-6835-4
eBook Packages: Computer Science (R0)