Abstract
One of the most rapidly growing areas in the last few years is the Internet of Things (IoT), which has been used in widespread fields such as healthcare, smart homes, and industries. Android is one of the most popular operating systems (OS) used by IoT devices for communication and data exchange. Android OS captured more than 70 percent of the market share in 2021. Because of the popularity of the Android OS, it has been targeted by cybercriminals who have introduced a number of issues, such as stealing private information. As reported by one of the recent studies Android malware are developed almost every 10 s. Therefore, due to this huge exploitation an accurate and secure detection system is needed to secure the communication and data exchange in Android IoT devices. This paper introduces Droid-IoT, a collaborative framework to detect Android IoT malicious applications by using the blockchain technology. Droid-IoT consists of four main engines: (i) collaborative reporting engine, (ii) static analysis engine, (iii) detection engine, and (iv) blockchain engine. Each engine contributes to the detection and minimization of the risk of malicious applications and the reporting of any malicious activities. All features are extracted automatically from the inspected applications to be classified by the machine learning model and store the results into the blockchain. The performance of Droid-IoT was evaluated by analyzing more than 6000 Android applications and comparing the detection rate of Droid-IoT with the state-of-the-art tools. Droid-IoT achieved a detection rate of 97.74% with a low false positive rate by using an extreme gradient boosting (XGBoost) classifier.
Highlights
The Internet of Things (IoT) has been used in a variety of applications, such as smart vehicles, smart homes, healthcare, smart shopping, and smart agriculture
The proposed system consists of four main engines: (i) the collaborative reporting engine that searches for the generated hash of the newly installed application on all the participating devices that have Droid-IoT installed; (ii) the static analysis engine, which is responsible for disassembling the inspected application to the source code to extract all of the required features, such as the utilized Application Programming Interfaces (APIs) and the application’s meta-data, permissions, activities, services, and receivers; (iii) the detection engine, which contains the intelligent model that applies the extracted features to the machine learning model in order to classify the inspected application as either benign or malicious; and (iv) the blockchain engine that is responsible for timestamping and adding each new analyzed application to the blockchain of Droid-IoT
Droid-IoT consists of two sides: (1) user side, which is an Android application running on the user’s device that monitors whether a new application is installed or an installed application is updated, and (2) server side, which is the back-end server that processes all the requests received by the user side
Summary
The Internet of Things (IoT) has been used in a variety of applications, such as smart vehicles, smart homes, healthcare, smart shopping, and smart agriculture. These applications are used to collect data from different sensors in order to provide an intelligent solution for different tasks. The architecture of Android consists of four main layers The base of these layers is the Linux kernel, which is one of the most well-known operating systems. It has many features such as portability, security, and open source. The Linux kernel provides Android with several security features such as permissions and process isolation. This isolates the users’ resources from each other. Each application on Android is assigned a User ID (UID), sometimes called app ID, which runs the application as an isolated process
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
