IoT malware detection architecture using a novel channel boosted and squeezed CNN

Interaction between devices, people, and the Internet has given birth to a new digital communication model, the internet of things (IoT). The integration of smart devices to constitute a network introduces many security challenges. These connected devices have created a security blind spot, where cybercriminals can easily launch attacks to compromise the devices using malware proliferation techniques. Therefore, malware detection is a lifeline for securing IoT devices against cyberattacks. This study addresses the challenge of malware detection in IoT devices by proposing a new CNN-based IoT malware detection architecture (iMDA). The proposed iMDA is modular in design that incorporates multiple feature learning schemes in blocks including (1) edge exploration and smoothing, (2) multi-path dilated convolutional operations, and (3) channel squeezing and boosting in CNN to learn a diverse set of features. The local structural variations within malware classes are learned by Edge and smoothing operations implemented in the split-transform-merge (STM) block. The multi-path dilated convolutional operation is used to recognize the global structure of malware patterns. At the same time, channel squeezing and merging helped to regulate complexity and get diverse feature maps. The performance of the proposed iMDA is evaluated on a benchmark IoT dataset and compared with several state-of-the CNN architectures. The proposed iMDA shows promising malware detection capacity by achieving accuracy: 97.93%, F1-Score: 0.9394, precision: 0.9864, MCC: 0. 8796, recall: 0.8873, AUC-PR: 0.9689 and AUC-ROC: 0.9938. The strong discrimination capacity suggests that iMDA may be extended for the android-based malware detection and IoT Elf files compositely in the future.