| IEICE Technical Committee Submission System Conference Paper's Information |
Online Proceedings [Sign in] Tech. Rep. Archives |
| Go Top Page | Go Previous | [Japanese] / [English] |
| Paper Abstract and Keywords | ||
| Presentation | 2020-11-26 14:00 Malware detection for IoT devices using whitelist and Isolation Forest Masataka Nakahara, Norihiro Okui, Yasuaki Kobayashi, Yutaka Miyake (KDDI Research)  ICSS2020-20 |
|
| Abstract | (in Japanese) | (See Japanese page) |
| (in English) | As the number of IoT (Internet of Things) devices increases, the countermeasures against cyberattacks related to IoT devices become more important. Although methods to prevent malware infection to IoT devices are important, such prevention becomes difficult due to sophisticated infection steps and lack of computational resource for security software in IoT devices. Therefore, detecting malware infection of devices is also important to suppress malware spread. As the types of IoT devices and malwares are increasing, advanced anomaly detection method like machine learning is required to find malware infected devices. Because IoT devices cannot analyze own behavior by using machine learning due to limited computing resources, such analysis should be executed at gateway devices to the Internet. So we have proposed an architecture for detecting malware behavior using flow data of packets instead of whole packet information. As this proposal only uses flow information of each IoT device, it can reduce the storage space taken up by data and can analyze number of IoT devices with low computational resources. We performed the malware traffic detection on proposed architecture by using machine learning algorithms, but there were a lot of false positive detection. Therefore, in this paper, we propose hybrid system using machine learning and white list automatically generated from the packet of devices. The white list eliminated benign packets from the target of malware traffic detection, and it can decrease the false positive rate. We evaluate the performance of proposed method and show the efficiency. | |
| Keyword | (in Japanese) | (See Japanese page) |
| (in English) | IoT / anomaly detection / machine learning / white list / / / / | |
| Reference Info. | IEICE Tech. Rep., vol. 120, no. 264, ICSS2020-20, pp. 7-12, Nov. 2020. | |
| Paper # | ICSS2020-20 | |
| Date of Issue | 2020-11-19 (ICSS) | |
| ISSN | Online edition: ISSN 2432-6380 | |
| Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) | |
| Download PDF | ICSS2020-20 |
|
| Conference Information | |
| Committee | ICSS |
| Conference Date | 2020-11-26 - 2020-11-27 |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, etc. |
| Paper Information | |
| Registration To | ICSS |
| Conference Code | 2020-11-ICSS |
| Language | Japanese |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Malware detection for IoT devices using whitelist and Isolation Forest |
| Sub Title (in English) | |
| Keyword(1) | IoT |
| Keyword(2) | anomaly detection |
| Keyword(3) | machine learning |
| Keyword(4) | white list |
| Keyword(5) | |
| Keyword(6) | |
| Keyword(7) | |
| Keyword(8) | |
| 1st Author's Name | Masataka Nakahara |
| 1st Author's Affiliation | KDDI Research, Inc. (KDDI Research) |
| 2nd Author's Name | Norihiro Okui |
| 2nd Author's Affiliation | KDDI Research, Inc. (KDDI Research) |
| 3rd Author's Name | Yasuaki Kobayashi |
| 3rd Author's Affiliation | KDDI Research, Inc. (KDDI Research) |
| 4th Author's Name | Yutaka Miyake |
| 4th Author's Affiliation | KDDI Research, Inc. (KDDI Research) |
| 5th Author's Name | |
| 5th Author's Affiliation | () |
| 6th Author's Name | |
| 6th Author's Affiliation | () |
| 7th Author's Name | |
| 7th Author's Affiliation | () |
| 8th Author's Name | |
| 8th Author's Affiliation | () |
| 9th Author's Name | |
| 9th Author's Affiliation | () |
| 10th Author's Name | |
| 10th Author's Affiliation | () |
| 11th Author's Name | |
| 11th Author's Affiliation | () |
| 12th Author's Name | |
| 12th Author's Affiliation | () |
| 13th Author's Name | |
| 13th Author's Affiliation | () |
| 14th Author's Name | |
| 14th Author's Affiliation | () |
| 15th Author's Name | |
| 15th Author's Affiliation | () |
| 16th Author's Name | |
| 16th Author's Affiliation | () |
| 17th Author's Name | |
| 17th Author's Affiliation | () |
| 18th Author's Name | |
| 18th Author's Affiliation | () |
| Speaker | Author-1 |
| Date Time | 2020-11-26 14:00:00 |
| Presentation Time | 25 minutes |
| Registration for | ICSS |
| Paper # | ICSS2020-20 |
| Volume (vol) | vol.120 |
| Number (no) | no.264 |
| Page | pp.7-12 |
| #Pages | 6 |
| Date of Issue | 2020-11-19 (ICSS) |
[Return to Top Page]