A Survey of Machine Learning Algorithms for Detecting Malware in IoT Firmware

TL;DR

This survey reviews machine learning algorithms, including traditional and deep learning models, for detecting malware in IoT firmware, highlighting the most effective approaches for enhancing IoT security.

Contribution

It provides a comprehensive comparison of various machine learning techniques applied to IoT firmware malware detection, identifying top-performing models and architectures.

Findings

Gradient Boosting, Logistic Regression, and Random Forest are most effective.

Deep learning models like CNNs show promising results.

The study offers insights into the best algorithms for IoT malware detection.

Abstract

This work explores the use of machine learning techniques on an Internet-of-Things firmware dataset to detect malicious attempts to infect edge devices or subsequently corrupt an entire network. Firmware updates are uncommon in IoT devices; hence, they abound with vulnerabilities. Attacks against such devices can go unnoticed, and users can become a weak point in security. Malware can cause DDoS attacks and even spy on sensitive areas like peoples' homes. To help mitigate this threat, this paper employs a number of machine learning algorithms to classify IoT firmware and the best performing models are reported. In a general comparison, the top three algorithms are Gradient Boosting, Logistic Regression, and Random Forest classifiers. Deep learning approaches including Convolutional and Fully Connected Neural Networks with both experimental and proven successful architectures are also explored.