IoT malware network traffic classification using visual representation and deep learning

Gueltoum Bendiab*, Stavros Shiaeles, Abdulrahman Alruban, Nicholas Kolokotronis

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

806 Downloads (Pure)

Abstract

With the increase of IoT devices and technologies coming into service, Malware has risen as a challenging threat with increased infection rates and levels of sophistication. Without strong security mechanisms, a huge amount of sensitive data are exposed to vulnerabilities, and therefore, easily abused by cybercriminals to perform several illegal activities. Thus, advanced network security mechanisms that are able of performing a real-time traffic analysis and mitigation of malicious traffic are required. To address this challenge, we are proposing a novel IoT malware traffic analysis approach using deep learning and visual representation for faster detection and classification of new malware (zero-day malware). The detection of malicious network traffic in the proposed approach works at the package level, reducing significantly the time of detection with promising results due to the deep learning technologies used. To evaluate our proposed method performance, a dataset is constructed which consists of 1000 pcap files of normal and malware traffic that are collected from different network traffic sources. The experimental results of Residual Neural Network (ResNet50) are very promising, providing a 94.50% accuracy rate for detection of malware traffic.

Original languageEnglish
Title of host publicationProceedings of the 2020 IEEE Conference on Network Softwarization
Subtitle of host publicationBridging the Gap Between AI and Network Softwarization, NetSoft 2020
EditorsFilip De Turck, Prosper Chemouil, Tim Wauters, Mohamed Faten Zhani, Walter Cerroni, Rafael Pasquini, Zuqing Zhu
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages444-449
Number of pages6
ISBN (Electronic)978-1-7281-5684-2
ISBN (Print)978-1-7281-5685-9
DOIs
Publication statusPublished - 12 Aug 2020
Event6th IEEE Conference on Network Softwarization - Online, Belgium
Duration: 29 Jun 20203 Jul 2020

Conference

Conference6th IEEE Conference on Network Softwarization
Abbreviated titleNetSoft 2020
Country/TerritoryBelgium
Period29/06/203/07/20

Keywords

  • Intrusion Detection System
  • Machine learning
  • Network traffic
  • Security

Fingerprint

Dive into the research topics of 'IoT malware network traffic classification using visual representation and deep learning'. Together they form a unique fingerprint.

Cite this