IoT Malware Detection and Dynamic Analysis of MQTT Simulated Network

doi:10.23940/ijpe.24.07.p5.451459

Abstract

Abstract: The growth of Internet of Things (IoT) devices has created opportunities in multiple sectors, but has also created the threat of growing attacks. Malicious actors are taking advantages of the lightweight nature of IoT devices and targeting them to perform attacks. This paper presents a novel approach to detect malicious traffic at an early stage to block attacks at the entry point of network so devices could be protected from getting infected. An optimized Machine Learning(ML) based algorithm is proposed specifically designed for light weighted IoT devices. The IoT- 23 dataset is used in this study to create a model and test the performance. The proposed model detects diverse categories of IoT malwares, creating security threats and challenges to IoT systems. MQTT (Message Queuing Telemetry Transport) is utilized to simulate behavior of IoT devices. Attack and normal traffic is passed to the IoT network to record latency and throughput in both scenarios. Performance of five different classifiers is compared with the proposed algorithm and had outstanding results with an accuracy 99.98%. The detection model takes around 52.89 seconds and processes 3965.27 samples per second. Utilization of CPU during the entire process is observed around 3.5%. Future research directions and suggestions have also been given to enhance the security of IoT environment.

Key words: IoT security, IoT-23, MQTT, intrusion detection system, machine learning

Ajeet Kumar Sharma and Rakesh Kumar. IoT Malware Detection and Dynamic Analysis of MQTT Simulated Network [J]. Int J Performability Eng, 2024, 20(7): 451-459.

Add to citation manager EndNote|Reference Manager|ProCite|BibTeX|RefWorks

References

[1] Abanmi N., Kurdi H. and Alzamel M., 2022. Dynamic IoT malware detection in Android systems using profile hidden Markov models.Applied Sciences, 13(1), p.557.
[2] Buriro A., Buriro A.B., Ahmad T., Buriro S. and Ullah S., 2023. MalwD&C: a quick and accurate machine learning-based approach for malware detection and categorization.Applied Sciences, 13(4), p.2508.
[3] Alatram A., Sikos L.F., Johnstone M., Szewczyk P. and Kang J.J., 2023. DoS/DDoS-MQTT-IoT: A dataset for evaluating intrusions in IoT networks using the MQTT protocol. Computer Networks, 231, p.109809.
[4] Souri, A. and Hosseini, R., 2018. A state-of-the-art survey of malware detection approaches using data mining techniques. Human-centric Computing and Information Sciences,8(1), pp.1-22.
[5] Lakshminarayana S., Praseed A. and Thilagam P.S., 2024. Securing the IoT Application Layer from an MQTT Protocol Perspective: Challenges and Research Prospects.IEEE Communications Surveys & Tutorials.
[6] Paris I.L.B.M., Habaebi M.H. and Zyoud A.M., 2023. Implementation of SSL/TLS security with MQTT protocol in IoT environment. Wireless Personal Communications,132(1), pp.163-182.
[7] Muñoz Castañeda Á.L., Mata J.A.A. and Aláiz-Moretón H., 2023. Characterization of threats in IoT from an MQTT protocol-oriented dataset. Complex & Intelligent Systems,9(5), pp.5281-5296.
[8] Çelik S., Yalçın N. and Çakır S., 2023. MitM Attacks and IoT Security: A Case Study on MQTT. Journal of Artificial Intelligence and Data Science,3(2), pp.99-106.
[9] Hintaw A.J., Manickam S., Karuppayah S., Aladaileh M.A., Aboalmaaly M.F. and Laghari S.U.A., 2023. A robust security scheme based on enhanced symmetric algorithm for MQTT in the Internet of Things.IEEE Access, 11, pp.43019-43040.
[10] Chien, H.Y. and Ciou, P.P., 2023. Design and Implementation of Efficient IoT Authentication Schemes for MQTT 5.0. Journal of Internet Technology,24(3), pp.665-674.
[11] Al Hanif, A. and Ilyas, M., 2024. Effective Feature Engineering Framework for Securing MQTT Protocol in IoT Environments.Sensors, 24(6), p.1782.
[12] Al-Ani A., Shen W.K., Al-Ani A.K., Laghari S.A. and Elejla O.E., 2023, September. Evaluating Security of MQTT Protocol in Internet of Things. In 2023 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)(pp. 502-509). IEEE.
[13] Sushma P.,2024. Smart Devices Security with Armstrong Number Encryption Standard Algorithm using MQTT Protocol-An Iot Application. International Journal of Intelligent Systems and Applications in Engineering,12(10), p. 45-51.
[14] Alzahrani, A. and Aldhyani, T.H., 2022. Artificial intelligence algorithms for detecting and classifying MQTT protocol Internet of Things attacks.Electronics, 11(22), p.3837.
[15] Devi, R.A. and Arunachalam, A.R., 2023. Enhancement of IoT device security using an Improved Elliptic Curve Cryptography algorithm and malware detection utilizing deep LSTM.High-Confidence Computing, 3(2), p.100117.
[16] Otoom, A.F. and Abdallah, E.E., 2023. Deep learning for accurate detection of brute force attacks on IOT Networks.Procedia Computer Science, 220, pp.291-298.
[17] Zeeshan M., Riaz Q., Bilal M.A., Shahzad M.K., Jabeen H., Haider S.A. and Rahim A., 2021. Protocol-based deep intrusion detection for dos and ddos attacks using unsw-nb15 and bot-iot data-sets.IEEE Access, 10, pp.2269-2283.
[18] Ibitoye O., Shafiq O. and Matrawy A., 2019, December. Analyzing adversarial attacks against deep learning for intrusion detection in IoT networks. In 2019 IEEE global communications conference (GLOBECOM)(pp. 1-6). IEEE.
[19] Ahmad M., Riaz Q., Zeeshan M., Tahir H., Haider S.A. and Khan M.S., 2021. Intrusion detection in internet of things using supervised machine learning based on application and transport layer features using UNSW-NB15 data-set.EURASIP Journal on Wireless Communications and Networking, 2021, pp.1-23.
[20] Michelena Á., Aveleira‐Mata J., Jove E., Bayón‐Gutiérrez M., Novais P., Romero O.F., Calvo‐Rolle J.L. and Aláiz‐Moretón H., 2024. A novel intelligent approach for man‐in‐the‐middle attacks detection over internet of things environments based on message queuing telemetry transport.Expert Systems, 41(2), p.e13263.
[21] Almiani M., AbuGhazleh A., Al-Rahayfeh A., Atiewi S. and Razaque A., 2020. Deep recurrent neural network for IoT intrusion detection system. Simulation Modelling Practice and Theory, 101, p.102031.
[22] Zeghida H., Boulaiche M. and Chikh R., 2023. Securing MQTT protocol for IoT environment using IDS based on ensemble learning. International Journal of Information Security,22(4), pp.1075-1086.
[23] Alaiz-Moreton H., Aveleira-Mata J., Ondicol-Garcia J., Muñoz-Castañeda A.L., García I. and Benavides C., 2019. Multiclass Classification Procedure for Detecting Attacks on MQTT‐IoT Protocol.Complexity, 2019(1), p.6516253.
[24] Mosaiyebzadeh F., Rodriguez L.G.A., Batista D.M. and Hirata R., 2021, November. A network intrusion detection system using deep learning against mqtt attacks in iot. In 2021 IEEE Latin-American Conference on Communications (LATINCOM)(pp. 1-6). IEEE.
[25] Abbas A., Khan M.A., Latif S., Ajaz M., Shah A.A. and Ahmad J., 2022. A new ensemble-based intrusion detection system for internet of things.Arabian Journal for Science and Engineering, pp.1-15.
[26] Kaushik, A. and Al-Raweshidy, H., 2024. A novel intrusion detection system for internet of things devices and data. Wireless Networks,30(1), pp.285-294.