Poster: Flexible Function Estimation of IoT Malware Using Graph Embedding Technique | |
---|---|
Author | |
Abstract |
Most IoT malware is variants generated by editing and reusing parts of the functions based on publicly available source codes. In our previous study, we proposed a method to estimate the functions of a specimen using the Function Call Sequence Graph (FCSG), which is a directed graph of execution sequence of function calls. In the FCSG-based method, the subgraph corresponding to a malware functionality is manually created and called a signature-FSCG. The specimens with the signature-FSCG are expected to have the corresponding functionality. However, this method cannot detect the specimens with a slightly different subgraph from the signature-FSCG. This paper found that these specimens were supposed to have the same functionality for a signature-FSCG. These specimens need more flexible signature matching, and we propose a graph embedding technique to realize it. |
Year of Publication |
2022
|
Date Published |
jun
|
DOI |
10.1109/ISCC55528.2022.9912475
|
Google Scholar | BibTeX | DOI |