Machine Learning Based Malware Analysis in Digital Forensic with IoT Devices

The use of IoT (Internet of Things) devices such as echo devices, smart locks, hue lights amongst a few, in our daily lives, has increased widely in this era of digitalization. People are gradually becoming dependent on these devices for their work or to store confidential data. This has also led to the concerns of security that arise with the use of these IoT devices. IoT devices are prone to malware attacks because of their dependency on the internet, technical complexity and integration of both hardware and software technology. The use of vulnerabilities in these devices by the cyber criminals is becoming extravagant. Also, the identification and categorization of IoT malware by cybersecurity analysts is further complicated by the diversity of IoT malware and the heterogeneity of IoT platforms. The aim of this paper is to analyze the malwares that are affecting the IoT devices and propose machine learning methodologies to identify these malwares based on various parameters. This paper focused mainly on malwares such as Mirai, Torii, Mushtik and Trojan that have been rampant in IoT devices these days. The models were trained based on algorithms such as SVM, Decision Tree, Naive Bayes, CNN, XG Boosting Classifier and Gradient Boosting Regression. The XG Boosting Classifier model has provided the highest accuracy of 97.4% amongst all other models. Thus, for the dataset used, XG Boosting Classifier is the best classifier that can be used to detect malware traffic in IoT devices.