Artificial intelligence-driven malware detection framework for internet of things environment

Shtwai Alsubai; Ashit Kumar Dutta; Abdullah M Alnajim; Abdul Rahaman Wahab Sait; Rashid Ayub; Afnan Mushabbab AlShehri; Naved Ahmad

doi:10.7717/peerj-cs.1366

Artificial intelligence-driven malware detection framework for internet of things environment

PeerJ Comput Sci. 2023 May 29:9:e1366. doi: 10.7717/peerj-cs.1366. eCollection 2023.

Authors

Shtwai Alsubai^#¹, Ashit Kumar Dutta^#², Abdullah M Alnajim³, Abdul Rahaman Wahab Sait⁴, Rashid Ayub⁵, Afnan Mushabbab AlShehri⁶, Naved Ahmad⁶

Affiliations

¹ Prince Sattam Bin Abdulaziz University, Al-Kharj, Kingdom of Saudi Arabia.
² Department of Computer Science and Information Technology, Almaarefa University, Riyadh, Kingdom of Saudi Arabia.
³ Department of Information Technology, College of computer, Qassim University, Buraydah, Saudi Arabia.
⁴ Department of Archives and Communication, King Faisal University, Al Ahsa, Hofuf, Kingdom of Saudi Arabia.
⁵ Department of Science Technology & Innovation Unit, King Saud University, Riyadh, Saudi Arabia.
⁶ Department of Computer Science and Information Systems, College of Applied Sciences, AlMaarefa University, Ad Diriyah, Riyadh, Kingdom of Saudi Arabia.

^# Contributed equally.

Abstract

The Internet of Things (IoT) environment demands a malware detection (MD) framework for protecting sensitive data from unauthorized access. The study intends to develop an image-based MD framework. The authors apply image conversion and enhancement techniques to convert malware binaries into RGB images. You only look once (Yolo V7) is employed for extracting the key features from the malware images. Harris Hawks optimization is used to optimize the DenseNet161 model to classify images into malware and benign. IoT malware and Virusshare datasets are utilized to evaluate the proposed framework's performance. The outcome reveals that the proposed framework outperforms the current MD framework. The framework generates the outcome at an accuracy and F1-score of 98.65 and 98.5 and 97.3 and 96.63 for IoT malware and Virusshare datasets, respectively. In addition, it achieves an area under the receiver operating characteristics and the precision-recall curve of 0.98 and 0.85 and 0.97 and 0.84 for IoT malware and Virusshare datasets, accordingly. The study's outcome reveals that the proposed framework can be deployed in the IoT environment to protect the resources.

Keywords: Convolutional neural network; Deep learning; Industrial IoT; Internet of Things; Machine learning; Malware detection.

Grants and funding

The authors received support from AlMaarefa University while conducting this research work. This study is supported via funding from Prince Sattam bin Abdulaziz University project number (PSAU/2023/R/1444). This work was supported by the Deanship of Scientific Research, Vice Presidency for Graduate Studies and Scientific Research, King Faisal University, Saudi Arabia [Grant No. 2740]. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.