Wu Wei, Peng Haipeng, Zhu Haotian, Zhang Derun
Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China.
National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing 100876, China.
Sensors (Basel). 2024 Jun 30;24(13):4253. doi: 10.3390/s24134253.
With the rapid development of the Internet of Things (IoT), the sophistication and intelligence of sensors are continually evolving, playing increasingly important roles in smart homes, industrial automation, and remote healthcare. However, these intelligent sensors face many security threats, particularly from malware attacks. Identifying and classifying malware is crucial for preventing such attacks. As the number of sensors and their applications grow, malware targeting sensors proliferates. Processing massive malware samples is challenging due to limited bandwidth and resources in IoT environments. Therefore, compressing malware samples before transmission and classification can improve efficiency. Additionally, sharing malware samples between classification participants poses security risks, necessitating methods that prevent sample exploitation. Moreover, the complex network environments also necessitate robust classification methods. To address these challenges, this paper proposes CSMC (Compressed Sensing Malware Classification), an efficient malware classification method based on compressed sensing. This method compresses malware samples before sharing and classification, thus facilitating more effective sharing and processing. By introducing deep learning, the method can extract malware family features during compression, which classical methods cannot achieve. Furthermore, the irreversibility of the method enhances security by preventing classification participants from exploiting malware samples. Experimental results demonstrate that for malware targeting Windows and Android operating systems, CSMC outperforms many existing methods based on compressed sensing and machine or deep learning. Additionally, experiments on sample reconstruction and noise demonstrate CSMC's capabilities in terms of security and robustness.
随着物联网(IoT)的快速发展,传感器的复杂性和智能程度不断提升,在智能家居、工业自动化和远程医疗保健中发挥着越来越重要的作用。然而,这些智能传感器面临许多安全威胁,尤其是来自恶意软件攻击的威胁。识别和分类恶意软件对于防范此类攻击至关重要。随着传感器及其应用数量的增加,针对传感器的恶意软件也在激增。由于物联网环境中的带宽和资源有限,处理大量恶意软件样本具有挑战性。因此,在传输和分类之前压缩恶意软件样本可以提高效率。此外,在分类参与者之间共享恶意软件样本会带来安全风险,因此需要防止样本被利用的方法。此外,复杂的网络环境也需要强大的分类方法。为了应对这些挑战,本文提出了CSMC(压缩感知恶意软件分类),一种基于压缩感知的高效恶意软件分类方法。该方法在共享和分类之前压缩恶意软件样本,从而促进更有效的共享和处理。通过引入深度学习,该方法可以在压缩过程中提取恶意软件家族特征,这是传统方法无法实现的。此外,该方法的不可逆性通过防止分类参与者利用恶意软件样本增强了安全性。实验结果表明,对于针对Windows和安卓操作系统的恶意软件,CSMC优于许多现有的基于压缩感知以及机器学习或深度学习的方法。此外,关于样本重建和噪声的实验证明了CSMC在安全性和鲁棒性方面的能力。
