Malware detection is one of the most critical features in many real
applications, especially for the mobile platform and the Internet
of Things (IoT) technology. Due to the proliferation of mobile devices
and the associated app stores, the volume of new applications is
growing extremely fast, which requires a better way to analyze all
possible malicious behaviors. In this paper, we investigate the malware
prediction problem using system log files that contain a number of
sequences of system calls recorded from IoT devices. We construct
a suitable multi-class classification model by using a combination
of hand-crafted features (including Bag-of-Ngrams, TF-IDF, and the
statistical metrics computed from the consecutive repeated system
calls in each log file). We also consider different machine learning
models, including Random Forest, Support Vector Machines, and
Extreme Gradient Boosting, and measure the performance of each
method in terms of precision, recall, and F1-score. The experimental
results show that a combination of different features, together with
the Extreme Gradient Boosting technique, can help us
to achieve promising performance on the dataset provided by the
organizers of the competition CMDC 2019.
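The three hand-crafted feature families named in the abstract, as an added sketch that is not the paper's code: bag-of-n-grams, TF-IDF weighting, and statistics over consecutive repeated system calls. The sample logs, function names, n-gram range and smoothed IDF formula are assumptions made for illustration, and classifier training is left out.

```python
import math
from collections import Counter
from itertools import groupby

# Constructed sample logs (not from the CMDC 2019 dataset): one syscall sequence per file.
LOGS = {
    "log_a": "open read read read write close".split(),
    "log_b": "open read write write close".split(),
    "log_c": "socket connect send send send send close".split(),
}

def bag_of_ngrams(calls, n_max=2):
    """Count every contiguous n-gram of system calls for n = 1..n_max."""
    bag = Counter()
    for n in range(1, n_max + 1):
        bag.update(" ".join(calls[i:i + n]) for i in range(len(calls) - n + 1))
    return bag

def tfidf(bags):
    """Weight each n-gram by term frequency times a smoothed inverse document frequency."""
    n_docs = len(bags)
    doc_freq = Counter(term for bag in bags.values() for term in bag)
    weights = {}
    for name, bag in bags.items():
        total = sum(bag.values()) or 1  # guard against an empty log
        weights[name] = {
            term: (count / total) * (math.log((1 + n_docs) / (1 + doc_freq[term])) + 1)
            for term, count in bag.items()
        }
    return weights

def repeat_stats(calls):
    """Summarise runs of the same system call repeated back to back."""
    runs = [len(list(group)) for _, group in groupby(calls)]
    return {
        "n_runs": len(runs),
        "n_repeated_runs": sum(1 for r in runs if r > 1),
        "max_run": max(runs, default=0),
        "mean_run": sum(runs) / len(runs) if runs else 0.0,
    }

def extract_features(logs):
    """Combine TF-IDF n-gram weights and repeat statistics into one dict per log."""
    weights = tfidf({name: bag_of_ngrams(calls) for name, calls in logs.items()})
    return {name: {**weights[name], **repeat_stats(calls)} for name, calls in logs.items()}

if __name__ == "__main__":
    for name, feats in extract_features(LOGS).items():
        print(name, {k: round(v, 3) for k, v in sorted(feats.items())})
```

Each per-log dictionary can be vectorised over a shared vocabulary before being passed to a multi-class classifier.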
Item Type: Conference or Workshop Item (Paper)
Event Type: Workshop
Refereed: Yes
Uncontrolled Keywords: malware detection; SVMs; IoT; XGBoost; random forest
Proceedings of the 2020 Intelligent Cross-Data Analysis and Retrieval Workshop (ICDAR ’20). Association for Computing Machinery (ACM). ISBN 978-1-4503-7087-5