Attention-Based Multidimensional Deep Learning Approach for Cross-Architecture IoMT Malware Detection and Classification in Healthcare Cyber-Physical Systems

Abstract

A literature survey shows that the number of malware attacks is gradually growing over the years due to the growing trend of Internet of Medical Things (IoMT) devices. To detect and classify malware attacks, automated malware detection and classification is an essential subsystem in healthcare cyber-physical systems. This work proposes an attention-based multidimensional deep learning (DL) approach for a cross-architecture IoMT malware detection and classification system based on byte sequences extracted from Executable and Linkable Format (ELF; formerly named Extensible Linking Format) files. The DL approach automates the feature design and extraction process from unstructured byte sequences. In addition, the proposed approach facilitates the detection of the central processing unit (CPU) architecture of the ELF file. A detailed experimental analysis and its evaluation are shown on the IoMT cross-architecture benchmark dataset. In all the experiments, the proposed method showed better performance compared with those obtained from several existing methods with an accuracy of 95% for IoMT malware detection, 94% for IoMT malware classification, and 95% for CPU architectures classification. The proposed method also suggests a similar performance with an accuracy of 94% on the Microsoft malware dataset. Experimental results on two malware datasets indicate that the proposed method is robust and generalizable in cross-architecture IoMT malware detection, classification, and CPU architectures classification in healthcare cyber-physical systems.