A System Emulation for Malware Detection in Routers
Tran Nghi Phu1, Ngo Quoc Dung2, Le Van Hoang3, Nguyen Dai Tho4, Nguyen Ngoc Binh5
1Tran Nghi Phu, VNU University of Engineering and Technology, Institute of Informatics, Hanoi, Vietnam.
2Ngo Quoc Dung, VNU University of Engineering and Technology, Institute of Informatics, Hanoi, Vietnam.
3Le Van Hoang, VNU University of Engineering and Technology, Institute of Informatics, Hanoi, Vietnam.
4Nguyen Dai Tho, VNU University of Engineering and Technology, Institute of Informatics, Hanoi, Vietnam.
5Nguyen Ngoc Binh, VNU University of Engineering and Technology, Institute of Informatics, Hanoi, Vietnam.
Manuscript received on 01 September 2019. | Revised Manuscript received on 22 September 2019. | Manuscript published on 30 September 2019. | PP: 32-40 | Volume-8 Issue-11, September 2019. | Retrieval Number: J99090881019/2019©BEIESP | DOI: 10.35940/ijitee.J9909.0981119
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Nowadays, there are many discussions on the fourth industrial revolution, which combines real physical and virtual systems (Cyber Physical Systems), the Internet of Things (IoT) and the Internet of Services (IoS). Along with this revolution comes the rapid development of malicious code on IoT devices, leading not only to the risk of leaking private personal information but also to risks for network security in general. In this paper, we propose C500-toolkit, a novel tool for malware detection in commercial off-the-shelf routers, based on a dynamic analysis approach. The main contribution of C500-toolkit is to provide an environment for fully emulating a router firmware image, including both the operating system and the web interface. To show the advantage of C500-toolkit, experiments with this tool on the embedded malware Linux/TheMoon and Linux/Mirai are presented.
Keywords: IoT Security, Router Security, Firmware, C500-Toolkit.
Scope of the Article: Security, Privacy and Trust in IoT & IoE