Intelligent Real-Time Polymorphic IoT Malware Detection System Using Opcode Analysis and Adaptive Machine Learning
Project Overview
This project detects polymorphic IoT malware by analyzing executable binaries converted into grayscale images. It uses a Convolutional Neural Network (CNN) trained on the MalImg dataset to classify malware families and benign files in real time.
Dataset
The MalImg dataset contains grayscale images generated from malware binaries, categorized by family (e.g., Allaple, Lollipop).
Directory Structure:
├── benign_images/ # Benign IoT firmware images
├── malware_images/ # Malware family images (e.g., Mirai variants)
└── test_images/ # Images for model evaluation
Installation
Clone the Repository:
git clone https://github.com/your-username/iot-malware-detection.git
cd iot-malware-detection
Install Dependencies:
pip install tensorflow keras numpy matplotlib scikit-learn
Download the MalImg Dataset:
Place the dataset in the malware_images/ folder.
Add benign IoT firmware images to benign_images/.
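The steps above expect images, but the README does not show how a firmware binary becomes one. The following is an added example, not code from this repository: it renders raw bytes as an 8-bit grayscale PNG using only the standard library, and it never executes the input. The file-size-to-width table, the function names and the sample bytes are assumptions.

```python
import struct
import zlib
from pathlib import Path

# Assumed size -> width table (KiB upper bound, pixels per row), the convention
# commonly used for MalImg-style images; this README does not specify one.
WIDTH_TABLE = [(10, 32), (30, 64), (60, 128), (100, 256),
               (200, 384), (500, 512), (1000, 768)]


def pick_width(size_bytes):
    """Return the row width for a binary of the given size."""
    kib = size_bytes / 1024
    for limit_kib, width in WIDTH_TABLE:
        if kib < limit_kib:
            return width
    return 1024


def bytes_to_rows(data, width=None):
    """Map each byte to one 8-bit pixel; zero-pad the final partial row."""
    if not data:
        raise ValueError("empty input: nothing to render")
    width = width or pick_width(len(data))
    height = -(-len(data) // width)  # ceiling division
    padded = data.ljust(width * height, b"\x00")
    rows = [padded[i * width:(i + 1) * width] for i in range(height)]
    return width, height, rows


def _chunk(tag, payload):
    """Build one PNG chunk: length, tag, payload, CRC32 over tag + payload."""
    return (struct.pack(">I", len(payload)) + tag + payload
            + struct.pack(">I", zlib.crc32(tag + payload) & 0xFFFFFFFF))


def to_grayscale_png(data, width=None):
    """Encode raw bytes as an 8-bit grayscale PNG and return the PNG bytes."""
    width, height, rows = bytes_to_rows(data, width)
    # IHDR: width, height, bit depth 8, colour type 0 (grayscale), no interlace
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 0, 0, 0, 0)
    raw = b"".join(b"\x00" + row for row in rows)  # filter byte 0 per scanline
    return (b"\x89PNG\r\n\x1a\n" + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b""))


if __name__ == "__main__":
    sample = b"\x7fELF" + bytes(range(256)) * 20  # constructed sample bytes
    Path("sample.png").write_bytes(to_grayscale_png(sample))
```

Images of different widths still have to be resized to the CNN's fixed input shape before training or inference.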
Usage
- Train the CNN Model: run the training script to build and save the malware detection model:
python cnnmodel.py
Output: a trained model (saved in model/) and accuracy/loss plots.
- Test the Model: evaluate the model on new images:
python model_testing.py --image_path test_images/sample.png
Project Structure
├── benign_images/ # Benign IoT firmware images
├── malware_images/ # Malware family images (from MalImg)
├── test_images/ # Test images for evaluation
├── model/ # Saved CNN model (e.g., model.h5)
├── cnnmodel.py # CNN model training script
├── model_testing.py # Script to test the model on new images
└── README.md
Results
Accuracy: ~95% on the MalImg test set.
Confusion Matrix: [figure: confusion matrix]
Real-Time Detection: Processes images in <50ms on a mid-tier GPU.