Design of Automation Environment for Analyzing Various IoT Malware

Lee, Sungwon; Jeon, Hyeonkyu; Park, Gihyun; Youn*, Jonghee

doi:10.17559/TV-20210202131602

Tehnički vjesnik, Vol. 28 No. 3, 2021.

Izvorni znanstveni članak

https://doi.org/10.17559/TV-20210202131602

Design of Automation Environment for Analyzing Various IoT Malware

Sungwon Lee ; Dept. Of Computer Engineering, Yeungnam University, 280 Daehak-Ro, Gyeongsan, Gyeongbuk, Republic of Korea
Hyeonkyu Jeon ; Dept. Of Computer Engineering, Yeungnam University, 280 Daehak-Ro, Gyeongsan, Gyeongbuk, Republic of Korea
Gihyun Park ; Dept. Of Computer Engineering, Yeungnam University, 280 Daehak-Ro, Gyeongsan, Gyeongbuk, Republic of Korea
Jonghee Youn* ; Dept. Of Computer Engineering, Yeungnam University, 280 Daehak-Ro, Gyeongsan, Gyeongbuk, Republic of Korea

Puni tekst: engleski pdf 715 Kb

str. 827-835

preuzimanja: 598

citiraj

APA 6th Edition

Lee, S., Jeon, H., Park, G. i Youn*, J. (2021). Design of Automation Environment for Analyzing Various IoT Malware. Tehnički vjesnik, 28 (3), 827-835. https://doi.org/10.17559/TV-20210202131602

MLA 8th Edition

Lee, Sungwon, et al. "Design of Automation Environment for Analyzing Various IoT Malware." Tehnički vjesnik, vol. 28, br. 3, 2021, str. 827-835. https://doi.org/10.17559/TV-20210202131602. Citirano 26.04.2024.

Chicago 17th Edition

Lee, Sungwon, Hyeonkyu Jeon, Gihyun Park i Jonghee Youn*. "Design of Automation Environment for Analyzing Various IoT Malware." Tehnički vjesnik 28, br. 3 (2021): 827-835. https://doi.org/10.17559/TV-20210202131602

Harvard

Lee, S., et al. (2021). 'Design of Automation Environment for Analyzing Various IoT Malware', Tehnički vjesnik, 28(3), str. 827-835. https://doi.org/10.17559/TV-20210202131602

Vancouver

Lee S, Jeon H, Park G, Youn* J. Design of Automation Environment for Analyzing Various IoT Malware. Tehnički vjesnik [Internet]. 2021 [pristupljeno 26.04.2024.];28(3):827-835. https://doi.org/10.17559/TV-20210202131602

IEEE

S. Lee, H. Jeon, G. Park i J. Youn*, "Design of Automation Environment for Analyzing Various IoT Malware", Tehnički vjesnik, vol.28, br. 3, str. 827-835, 2021. [Online]. https://doi.org/10.17559/TV-20210202131602

Sažetak

With the increasing proliferation of IoT systems, the security of IoT systems has become very important to individuals and businesses. IoT malware has been increasing exponentially since the emergence of Mirai in 2016. Because the IoT system environment is diverse, IoT malware also has various environments. In the case of existing analysis systems, there is no environment for dynamic analysis by running IoT malware of various architectures. It is inefficient in terms of time and cost to build an environment that analyzes malware one by one for analysis. The purpose of this paper is to improve the problems and limitations of the existing analysis system and provide an environment to analyze a large amount of IoT malware. Using existing open source analysis tools suitable for various IoT malicious codes and QEMU, a virtualization software, the environment in which the actual malicious code will run is built, and the library or system call that is actually called is statically and dynamically analyzed. In the text, the analysis system is applied to the actual collected malicious code to check whether it is analyzed and derive statistics. Information on the architecture of malicious code, attack method, command used, and access path can be checked, and this information can be used as a basis for malicious code detection research or classification research. The advantages are described of the system designed compared to the most commonly used automated analysis tools and improvements to existing limitations.

Ključne riječi

automated analysis; IoT malware; IoT malware classification; massive malware

Hrčak ID:

258208

URI

https://hrcak.srce.hr/258208

Datum izdavanja:

6.6.2021.

Posjeta: 1.131 *

Prijava i registracija

Tehnički vjesnik, Vol. 28 No. 3, 2021.

Sažetak

Ključne riječi

Hrčak ID:

URI

Datum izdavanja: