乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T07:45:50Z","timestamp":1746431150628,"version":"3.37.3"},"reference-count":60,"publisher":"MDPI AG","issue":"6","license":[{"start":{"date-parts":[[2023,3,13]],"date-time":"2023-03-13T00:00:00Z","timestamp":1678665600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Natural Science Foundation of Xinjiang Uygur Autonomous Region","award":["2021D01C082"]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"With the development of internet technology, the Internet of Things (IoT) has been widely used in several aspects of human life. However, IoT devices are becoming more vulnerable to malware attacks due to their limited computational resources and the manufacturers\u2019 inability to update the firmware on time. As IoT devices are increasing rapidly, their security must classify malicious software accurately; however, current IoT malware classification methods cannot detect cross-architecture IoT malware using system calls in a particular operating system as the only class of dynamic features. To address these issues, this paper proposes an IoT malware detection approach based on PaaS (Platform as a Service), which detects cross-architecture IoT malware by intercepting system calls generated by virtual machines in the host operating system acting as dynamic features and using the K Nearest Neighbors (KNN) classification model. A comprehensive evaluation using a 1719 sample dataset containing ARM and X86-32 architectures demonstrated that MDABP achieves 97.18% average accuracy and a 99.01% recall rate in detecting samples in an Executable and Linkable Format (ELF). Compared with the best cross-architecture detection method that uses network traffic as a unique type of dynamic feature with an accuracy of 94.5%, practical results reveal that our method uses fewer features and has higher accuracy.<\/jats:p>","DOI":"10.3390\/s23063060","type":"journal-article","created":{"date-parts":[[2023,3,13]],"date-time":"2023-03-13T07:28:33Z","timestamp":1678692513000},"page":"3060","source":"Crossref","is-referenced-by-count":6,"title":["MDABP: A Novel Approach to Detect Cross-Architecture IoT Malware Based on PaaS"],"prefix":"10.3390","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9083-5308","authenticated-orcid":false,"given":"Yang","family":"Zhao","sequence":"first","affiliation":[{"name":"The College of Software, Xinjiang University, Urumqi 830046, China"}]},{"given":"Alifu","family":"Kuerban","sequence":"additional","affiliation":[{"name":"The College of Software, Xinjiang University, Urumqi 830046, China"}]}],"member":"1968","published-online":{"date-parts":[[2023,3,13]]},"reference":[{"key":"ref_1","unstructured":"Statista (2022, July 30). Number of Internet of Things (IoT) Connected Devices Worldwide from 2019 to 2021, with Forecasts from 2022 to 2030. Available online: https:\/\/www.statista.com\/statistics\/1183457\/iot-connected-devices-worldwide\/."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1016\/j.iot.2018.11.003","article-title":"Securing the Internet of Things: Challenges, threats and solutions","volume":"5","author":"Grammatikis","year":"2019","journal-title":"Internet Things"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"280","DOI":"10.1016\/j.icte.2020.04.005","article-title":"A survey of IoT malware and detection methods based on static features","volume":"6","author":"Ngo","year":"2020","journal-title":"ICT Express"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"3436","DOI":"10.1016\/j.procs.2020.09.053","article-title":"Identification of library functions statically linked to Linux malware without symbols","volume":"176","author":"Akabane","year":"2020","journal-title":"Procedia Comput. Sci."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Hu, X., Sun, R., Xu, K., Zhang, Y., and Chang, P. (2020\u20131, January 29). Exploit internal structural information for IoT malware detection based on hierarchical transformer model. Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Guangzhou, China.","DOI":"10.1109\/TrustCom50675.2020.00124"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MWC.2019.1800505","article-title":"Detecting malware on X86-based IoT devices in autonomous driving","volume":"26","author":"Niu","year":"2019","journal-title":"IEEE Wirel. Commun."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Lee, Y.-T., Ban, T., Wan, T.-L., Cheng, S.-M., Isawa, R., Takahashi, T., and Inoue, D. (2020\u20131, January 29). Cross platform IoT-malware family classification based on printable strings. Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Guangzhou, China.","DOI":"10.1109\/TrustCom50675.2020.00106"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"267","DOI":"10.1016\/j.future.2020.04.031","article-title":"Characterizing Linux-based malware: Findings and recent trends","volume":"110","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_9","first-page":"522","article-title":"IoTPOT: A novel honeypot for revealing current IoT threats","volume":"24","author":"Pa","year":"2016","journal-title":"J. Inf. Process."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"108394","DOI":"10.1016\/j.comnet.2021.108394","article-title":"MDCHD: A novel malware detection method in cloud using hardware trace and deep learning","volume":"198","author":"Tian","year":"2021","journal-title":"Comput. Netw."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Chen, C.-Y., and Hsiao, S.-W. (2019, January 9\u201312). IoT malware dynamic analysis profiling system and family behavior analysis. Proceedings of the 2019 IEEE International Conference on Big Data (Big Data), Los Angeles, CA, USA.","DOI":"10.1109\/BigData47090.2019.9005981"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"91686","DOI":"10.1109\/ACCESS.2021.3091427","article-title":"A survey on cross-architectural IoT malware threat hunting","volume":"9","author":"Raju","year":"2021","journal-title":"IEEE Access"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Alhanahnah, M., Lin, Q., Yan, Q., Zhang, N., and Chen, Z. (June, January 30). Efficient signature generation for classifying cross-architecture IoT malware. Proceedings of the 2018 IEEE Conference on Communications and Network Security (CNS), Beijing, China.","DOI":"10.1109\/CNS.2018.8433203"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Hwang, C., Hwang, J., Kwak, J., and Lee, T. (2020). Platform-independent malware analysis applicable to windows and linux environments. Electronics, 9.","DOI":"10.3390\/electronics9050793"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"567","DOI":"10.1007\/s10207-019-00475-6","article-title":"A novel graph-based approach for IoT botnet detection","volume":"19","author":"Nguyen","year":"2020","journal-title":"Int. J. Inf. Secur."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1109\/LNET.2021.3076600","article-title":"A strings-based similarity analysis approach for characterizing IoT malware and inferring their underlying relationships","volume":"3","author":"Torabi","year":"2021","journal-title":"IEEE Netw. Lett."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"2485","DOI":"10.1109\/JIOT.2021.3086398","article-title":"SHELLCORE: Automating malicious IoT software detection using shell commands representation","volume":"9","author":"Alasmary","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"262","DOI":"10.1109\/OJCS.2020.3033974","article-title":"Efficient detection and classification of internet-of-things malware based on byte sequences from executable files","volume":"1","author":"Wan","year":"2020","journal-title":"IEEE Open J. Comput. Soc."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"102779","DOI":"10.1016\/j.cose.2022.102779","article-title":"Deep learning based cross architecture internet of things malware detection and classification","volume":"120","author":"Chaganti","year":"2022","journal-title":"Comput. Secur."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Wan, T.-L., Ban, T., Lee, Y.-T., Cheng, S.-M., Isawa, R., Takahashi, T., and Inoue, D. (2020, January 20\u201321). IoT-malware detection based on byte sequences of executable files. Proceedings of the 2020 15th Asia Joint Conference on Information Security (AsiaJCIS), Taipei, Taiwan.","DOI":"10.1109\/AsiaJCIS50894.2020.00033"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"8977","DOI":"10.1109\/JIOT.2019.2925929","article-title":"Analyzing and detecting emerging Internet of Things malware: A graph-based approach","volume":"6","author":"Alasmary","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Lai, J., Hu, D., Yin, A., and Lu, L. (2021, January 13\u201315). Edge Intelligence (EI)-Enabled Malware Internet of Things (IoT) Detection System. Proceedings of the 2021 IEEE 4th International Conference on Computer and Communication Engineering Technology (CCET), Beijing, China.","DOI":"10.1109\/CCET52649.2021.9544295"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Su, J., Vasconcellos, D.V., Prasad, S., Sgandurra, D., Feng, Y., and Sakurai, K. (2018, January 23\u201327). Lightweight classification of IoT malware based on image recognition. Proceedings of the 2018 IEEE 42Nd Annual Computer Software and Applications Conference (COMPSAC), Tokyo, Japan.","DOI":"10.1109\/COMPSAC.2018.10315"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"16946","DOI":"10.1109\/JIOT.2021.3075694","article-title":"CNN-based malware variants detection method for internet of things","volume":"8","author":"Li","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"124379","DOI":"10.1109\/ACCESS.2019.2937347","article-title":"Cyber security threats detection in internet of things using deep learning approach","volume":"7","author":"Ullah","year":"2019","journal-title":"IEEE Access"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"3770","DOI":"10.1109\/JIOT.2021.3100063","article-title":"IoT malware classification based on lightweight convolutional neural networks","volume":"9","author":"Yuan","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Phu, T.N., Hoang, L.H., Toan, N.N., Tho, N.D., and Binh, N.N. (2019, January 4\u20136). CFDVex: A novel feature extraction method for detecting cross-architecture IoT malware. Proceedings of the 10th International Symposium on Information and Communication Technology, Ha Long Bay, Vietnam.","DOI":"10.1145\/3368926.3369702"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1654","DOI":"10.1109\/TC.2020.3015584","article-title":"MTHAEL: Cross-architecture IoT malware detection based on neural network advanced ensemble learning","volume":"69","author":"Vasan","year":"2020","journal-title":"IEEE Trans. Comput."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"e5173","DOI":"10.1002\/cpe.5173","article-title":"An opcode-based technique for polymorphic Internet of Things malware detection","volume":"32","author":"Darabian","year":"2020","journal-title":"Concurr. Comput. Pract. Exp."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"4540","DOI":"10.1109\/JIOT.2020.3026660","article-title":"A multikernel and metaheuristic feature selection approach for IoT malware threat hunting in the edge layer","volume":"8","author":"Haddadpajouh","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Park, D., Powers, H., Prashker, B., Liu, L., and Yener, B. (2020, January 14\u201317). Towards Obfuscated Malware Detection for Low Powered IoT Devices. Proceedings of the 2020 19th IEEE International Conference on Machine Learning and Applications (ICMLA), Miami, FL, USA.","DOI":"10.1109\/ICMLA51294.2020.00173"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Venkatraman, S., and Alazab, M. (2017, January 21\u201323). Classification of malware using visualisation of similarity matrices. Proceedings of the 2017 Cybersecurity and Cyberforensics Conference (CCC), London, UK.","DOI":"10.1109\/CCC.2017.11"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.sysarc.2019.01.017","article-title":"Fuzzy pattern tree for edge malware detection and categorization in IoT","volume":"97","author":"Dovom","year":"2019","journal-title":"J. Syst. Archit."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Yang, S., Cheng, L., Zeng, Y., Lang, Z., Zhu, H., and Shi, Z. (2021, January 21\u201324). Asteria: Deep learning-based AST-encoding for cross-platform binary code similarity detection. Proceedings of the 2021 51st Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), Taipei, Taiwan.","DOI":"10.1109\/DSN48987.2021.00036"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Hamad, S.A., Sheng, Q.Z., and Zhang, W.E. (2021, January 20\u201322). BERTDeep-Ware: A Cross-architecture Malware Detection Solution for IoT Systems. Proceedings of the 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Shenyang, China.","DOI":"10.1109\/TrustCom53373.2021.00130"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Li, C., Shen, G., and Sun, W. (2021, January 18\u201322). Cross-architecture Intemet-of-Things malware detection based on graph neural network. Proceedings of the 2021 International Joint Conference on Neural Networks (IJCNN), Shenzhen, China.","DOI":"10.1109\/IJCNN52387.2021.9533500"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"20018","DOI":"10.1109\/JIOT.2022.3170927","article-title":"Inter-BIN: Interaction-Based Cross-Architecture IoT Binary Similarity Comparison","volume":"9","author":"Song","year":"2022","journal-title":"IEEE Internet Things J."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"314","DOI":"10.1016\/j.future.2021.06.032","article-title":"Visualization and deep-learning-based malware variant detection using OpCode-level features","volume":"125","author":"Darem","year":"2021","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_39","unstructured":"Dinakarrao, S.M.P., Sayadi, H., Makrani, H.M., Nowzari, C., Rafatirad, S., and Homayoun, H. (2019, January 25\u201329). Lightweight node-level malware detection and network-level malware confinement in iot networks. Proceedings of the 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE), Florence, Italy."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Li, Z., Perez, B., Khan, S.A., Feldhaus, B., and Zhao, D. (2021, January 18\u201321). A New Design of Smart Plug for Real-time IoT Malware Detection. Proceedings of the 2021 IEEE Microelectronics Design & Test Symposium (MDTS), Albany, NY, USA.","DOI":"10.1109\/MDTS52103.2021.9476113"},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Pham, D.-P., Marion, D., and Heuser, A. (2021, January 6\u201310). Poster: Obfuscation Revealed-Using Electromagnetic Emanation to Identify and Classify Malware. Proceedings of the 2021 IEEE European Symposium on Security and Privacy (EuroS&P), Vienna, Austria.","DOI":"10.1109\/EuroSP51992.2021.00055"},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"2487","DOI":"10.1109\/TIM.2018.2815431","article-title":"An effective methodology for measuring software resource usage","volume":"67","author":"Catuogno","year":"2018","journal-title":"IEEE Trans. Instrum. Meas."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Yu, R., Zhang, X., and Zhang, M. (2021, January 26\u201328). Smart home security analysis system based on the internet of things. Proceedings of the 2021 IEEE 2nd International Conference on Big Data, Artificial Intelligence and Internet of Things Engineering (ICBAIE), Nanchang, China.","DOI":"10.1109\/ICBAIE52039.2021.9389849"},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Alrubayyi, H., Goteng, G., Jaber, M., and Kelly, J. (2021, January 10\u201313). A novel negative and positive selection algorithm to detect unknown malware in the IoT. Proceedings of the IEEE INFOCOM 2021-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Vancouver, BC, Canada.","DOI":"10.1109\/INFOCOMWKSHPS51825.2021.9484483"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Kumar, A., and Lim, T.J. (2019, January 15\u201318). EDIMA: Early detection of IoT malware network activity using machine learning techniques. Proceedings of the 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), Limerick, Ireland.","DOI":"10.1109\/WF-IoT.2019.8767194"},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Palla, T.G., and Tayeb, S. (2021, January 10\u201313). Intelligent Mirai malware detection in IOT devices. Proceedings of the 2021 IEEE World AI IoT Congress (AIIoT), Virtual.","DOI":"10.1109\/AIIoT52608.2021.9454215"},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Bendiab, G., Shiaeles, S., Alruban, A., and Kolokotronis, N. (July, January 29). IoT malware network traffic classification using visual representation and deep learning. Proceedings of the 2020 6th IEEE Conference on Network Softwarization (NetSoft), Ghent, Belgium.","DOI":"10.1109\/NetSoft48620.2020.9165381"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"1218","DOI":"10.1109\/JSAC.2020.2986618","article-title":"A network function virtualization system for detecting malware in large IoT based networks","volume":"38","author":"Guizani","year":"2020","journal-title":"IEEE J. Sel. Areas Commun."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"22756","DOI":"10.1109\/ACCESS.2022.3153716","article-title":"Towards SDN-Enabled, Intelligent Intrusion Detection System for Internet of Things (IoT)","volume":"10","author":"Muthanna","year":"2022","journal-title":"IEEE Access"},{"key":"ref_50","first-page":"2639","article-title":"Optimal deep reinforcement learning for intrusion de-tection in uavs","volume":"70","author":"Praveena","year":"2022","journal-title":"Comput. Mater. Contin."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Sudar, K., Beulah, M., Deepalakshmi, P., Nagaraj, P., and Chinnasamy, P. (2021, January 27\u201329). Detection of Distributed Denial of Service Attacks in SDN using Machine learning techniques. Proceedings of the 2021 International Conference on Computer Communication and Informatics (ICCCI), Coimbatore, India.","DOI":"10.1109\/ICCCI50826.2021.9402517"},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Cozzi, E., Graziano, M., Fratantonio, Y., and Balzarotti, D. (2018, January 21\u201323). Understanding linux malware. Proceedings of the 2018 IEEE symposium on security and privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP.2018.00054"},{"key":"ref_53","doi-asserted-by":"crossref","unstructured":"Ban, T., Isawa, R., Yoshioka, K., and Inoue, D. (2018, January 5\u20138). A cross-platform study on IoT malware. Proceedings of the 2018 Eleventh International Conference on Mobile Computing and Ubiquitous Network (ICMU), Auckland, New Zealand.","DOI":"10.23919\/ICMU.2018.8653580"},{"key":"ref_54","doi-asserted-by":"crossref","unstructured":"Li, B., Li, J., Wo, T., Hu, C., and Zhong, L. (2010, January 8\u201310). A VMM-based system call interposition framework for program monitoring. Proceedings of the 2010 IEEE 16th International Conference on Parallel and Distributed Systems, Washington, DC, USA.","DOI":"10.1109\/ICPADS.2010.53"},{"key":"ref_55","first-page":"102460","article-title":"KVMInspector: KVM Based introspection approach to detect malware in cloud environment","volume":"51","author":"Mishra","year":"2020","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Cheng, S.-M., Ban, T., Huang, J.-W., Hong, B.-K., and Inoue, D. (2020, January 21). ELF analyzer demo: Online identification for IoT malwares with multiple hardware architectures. Proceedings of the 2020 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA.","DOI":"10.1109\/SPW50608.2020.00036"},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"96899","DOI":"10.1109\/ACCESS.2020.2995887","article-title":"Dynamic analysis for IoT malware detection with convolution neural network model","volume":"8","author":"Jeon","year":"2020","journal-title":"IEEE Access"},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Chen, T., and Liu, H. (2021, January 23\u201325). Research on the Construction of Cloud Computing Platform Project Based on IaaS and PaaS. Proceedings of the 2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC), Guiyang, China.","DOI":"10.1109\/ICNISC54316.2021.00096"},{"key":"ref_59","unstructured":"Ubantu Manuals (2023, February 01). Syscalls\u2014Linux System Calls. Available online: https:\/\/manpages.ubuntu.com\/manpages\/impish\/man2\/syscalls.2.html."},{"key":"ref_60","unstructured":"(2023, February 01). VirusTotal. Available online: https:\/\/www.virustotal.com."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/6\/3060\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,3,13]],"date-time":"2023-03-13T08:37:54Z","timestamp":1678696674000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/6\/3060"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,13]]},"references-count":60,"journal-issue":{"issue":"6","published-online":{"date-parts":[[2023,3]]}},"alternative-id":["s23063060"],"URL":"https:\/\/doi.org\/10.3390\/s23063060","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2023,3,13]]}}}