
A Review on Malware Variants Detection Techniques for Threat Intelligence in Resource Constrained Devices: Existing Approaches, Limitations and Future Direction

  • Conference paper
  • Published in: Advances in Cyber Security (ACeS 2020)

Abstract

The Internet of Things (IoT) has been a major turning point in information and communication technology, as it enables connection and information sharing among numerous devices. At the same time, malicious code attacks have increased exponentially, and malicious code variants are ranked as a major threat to resource constrained devices in the IoT environment, making efficient detection of malware variants a serious concern for researchers in recent years. The capacity to detect malware variants is essential for protection against security breaches, data theft and other dangers. Hence, with the explosion of resource constrained devices for IoT applications, it becomes very important to document the existing cutting-edge techniques developed to detect malware variants in these devices. In this paper, we investigate extensively the implementation of malware variants detection models, using smartphones as a case study for resource constrained devices. The paper covers the current techniques for detecting malware variants, a comprehensive assessment of those techniques, and recommendations for future research.



Acknowledgement

This research is supported by TNB Seed Fund 2019 project entitled ‘Cyber Threat Modeling for Industrial Control System and Internet of Everything’.

Author information

Corresponding author: Collins Uchenna Chimeleze


Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Chimeleze, C.U., Jamil, N., Ismail, R., Lam, KY. (2021). A Review on Malware Variants Detection Techniques for Threat Intelligence in Resource Constrained Devices: Existing Approaches, Limitations and Future Direction. In: Anbar, M., Abdullah, N., Manickam, S. (eds) Advances in Cyber Security. ACeS 2020. Communications in Computer and Information Science, vol 1347. Springer, Singapore. https://doi.org/10.1007/978-981-33-6835-4_24


  • DOI: https://doi.org/10.1007/978-981-33-6835-4_24

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-33-6834-7

  • Online ISBN: 978-981-33-6835-4

  • eBook Packages: Computer Science (R0)
