Logo image
Back
On the detection of malware on virtual assistants based on behavioral anomalies
Thesis   Open access

On the detection of malware on virtual assistants based on behavioral anomalies

Mahshid Noorani
Master of Science (M.S.), Drexel University
Jun 2019
DOI:
https://doi.org/10.17918/ckv0-8x43
pdf
Noorani_Mahshid_20195.29 MBDownloadView
PDF Open Access Open Access (License Unspecified)

Abstract

Electrical engineering Computer Science Internet of Things
The Internet of Things (IoT) refers to the growing network of "smart objects." The increase in popularity of IoT devices, due to their efficiency and convenience, has given rise to new security concerns. The variety and novelty of IoT devices provide a corpus of malware that is of insufficient size to employ classic machine learning algorithms. This makes anomaly detection methods for IoT device security more attractive, especially in the short term, until there are enough behavioral signatures for malware to train more sophisticated machine learning detection models for these devices. This thesis explores some of the security concerns pertaining to running software similar to Amazon Alexa home assistant on IoT-like platforms. We implement a behavioral-based malware detector and compare the effectiveness of different system attributes that are used in detecting malware, i.e., system calls, network traffic, and the integration of system call and network traffic features. Given the small number of malware samples for IoT devices, we create a parameterizable malware sample that mimics Alexa behavior in varying degrees, while exfiltrating data from the device to a remote host. The performance of our anomaly detector is evaluated based on how well it determines the presence of our parameterized malware on an Alexa-enabled IoT device.

Metrics

110 File views/ downloads
34 Record Views

Details

Logo image