Classification Of Internet Of Things Malware Traffic Based On Representation Learning

In recent years,with the increase of the number of devices in the Internet of Things(Io T),the Internet of Things has gradually been deeply integrated into people's learning,work and daily life in every corner.While it provides great convenience for our life,there are also many security risks.Among them,malicious software poses a serious harm to the security of network space.At the same time,in order to avoid the detection of malicious code,the attacker generates a large number of new malicious code variants by using various deformation technologies and automatic generation tools of malicious code.Although malicious software and its variants emerge in an endless stream,the same malicious software family shows certain similarities in the execution of malicious code.Therefore,in addition to detecting whether the communication traffic is generated by malicious software,it is also crucial to detect the category of malicious software family.Focusing on the Internet of Things,this paper studies the fine-grained classification of Io T malware family by using the traffic generated by malware when it is running,and proposes a method of Io T Malware traffic family classification based on representation learning,which uses representation learning and computer vision technology to solve the problem of traffic classification.Representation learning,namely the representation of learning data,aims to automatically learn the information representation in the original data,so that it is easier for us to obtain effective data features and information when we construct classifiers and other work in the future.The work of this paper includes :(1)constructing a Malware traffic data set from the real Internet of Things environment,which contains 12504 traffic samples from five different families of Internet of Things malicious samples;(2)A classification method of Internet of Things Malware traffic based on gray image characterization and using Resnet50 classification was proposed.The classification accuracy of this method was 90.25% on our data set.(3)An Internet of Things Malware traffic classification method based on video representation and using C3 DLSTM classification was proposed.The classification accuracy rate of this method was 93.08% on the same data set.On this basis,an online Malware family classification system is developed.