HeuCrip: a malware detection approach for internet of battlefield things

摘要

To improve the accuracy of malware detection on the Internet of Battlefield Things (IoBTs), a class of malware detection techniques transforms the benign and malware files into control flow graph (CFG) for better detection of malwares. In the construction process of CFG, the binary code of a file is transformed into opcodes using disassemblers. Probability CFGs are generated where vertices represent the opcodes and the edges between the opcodes represent the probability of occurrence of those opcodes in the file. Probability CFGs are fed to the deep learning model for further training and testing. The accuracy of deep learning model depends on the probability of CFGs. If the graph generation techniques reflectorize the binary file more accurately, then the result of the deep learning malware detection model is likely to be more accurate. In this research, we identify the limitations of the existing probability CFG techniques, propose a new probability CFG generation technique which is the combination of crisp and heuristic approaches called HeuCrip, and compare the proposed technique with the existing state-of-the-art schemes. The experimental results show that the HeuCrip achieved 99.93 accuracy, and show significant improvement in performance as compared to the existing state-of-the-art schemes.