Abstract
Established Internet of Things (IoT) platforms suffer from their inability to determine whether an IoT app is secure or not. A security analysis system (SAS) is a protective shield against any attack that breaks down data privacy and security. Its main task focuses on detecting malware and verifying app behavior. There are many SASs implemented in various IoT applications. Most of them build on utilizing static or dynamic analysis separately. However, the hybrid analysis is the best for obtaining accurate results. The SAS provides an effective outcome according to many criteria related to the analysis process, such as analysis type, characteristics, sensitivity, and analysis techniques. This paper proposes a new hybrid (static and dynamic) SAS based on the model-checking technique and deep learning, called an HSAS-MD analyzer, which focuses on the holistic analysis perspective of IoT apps. It aims to analyze the data of IoT apps by (1) converting the source code of the target applications to the format of a model checker that can deal with it; (2) detecting any abnormal behavior in the IoT application; (3) extracting the main static features from it to be tested and classified using a deep-learning CNN algorithm; (4) verifying app behavior by using the model-checking technique. HSAS-MD gives the best results in detecting malware from malicious smart Things applications compared to other SASs. The experimental results of HSAS-MD show that it provides 95%, 94%, 91%, and 93% for accuracy, precision, recall, and F-measure, respectively. It also gives the best results compared with other analyzers from various criteria.
Highlights
An security analysis system (SAS) depends on four factors to build an efficient detector: (i) the PA type used; (ii) the PA technique used in the SAS, such as model-checking, program-slicing, taint-tracking, etc.; (iii) PA sensitivity, describing splitting data into uncertainties in the output such as context, path, API, etc.; (iv) characteristics of analysis, such as a control flow graph (CFG)
The results show that deep learning (DL) methods outperformed more profoundly in every assessment aspect
For the static analysis phase, which depends on the rule model, model-checking technique (MCT) depends on rewriting logic
Summary
Security analysis systems (SAS) play an essential role in providing security and privacy, as they can analyze the behavior of IoT applications by detecting any malware, violations, or vulnerabilities. The hybrid analysis provides the best result to detect any malware, by avoiding static or dynamic usage drawbacks. HSAS-MD, a new SAS among the effective SASs, which is continuously being developed as a security compiler tool to act as a protective shield to detect malware. It depends on the PA of the IoT APP, which may automatically verify app behavior. HSAS-MD, a hybrid analysis which analyzes IoT Apps by extracting static and dynamic features based on model-checking techniques. The relevant abbreviations used in this paper are shown in Abbreviations
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have