Detection Method for Classifying Malicious Firmware

A malicious firmware update may prove devastating to the embedded devices both that make up Internet of Things (IoT) and typically lack same security verifications now applied full operating systems. This work converts binary headers 40,000 examples from bytes into 1024-pixel thumbnail images train a deep neural network. The aim is distinguish benign variants using modern learning methods without needing detailed functional or forensic analysis tools. One outcome this image conversion enables contact with vast machine literature already handle digit recognition (MNIST). Another result indicates greater than 90% accurate classifications possible image-based convolutional networks (CNN) when combined transfer methods. envisioned CNN application would intercept updates before their distribution IoT score likelihood containing variants. To explain how model makes classification decisions, research applies traditional statistical such as single ensembles decision trees identifiable pixel byte values contribute determination.